Vim · Vim · CVE-2026-33412
**Name of the Vulnerable Software and Affected Versions**
Vim versions prior to 9.2.0202
**Description**
Vim, a command line text editor, contains a flaw in its `glob()` function on Unix-like systems. Including a newline character (`\n`) within a pattern provided to `glob()` could allow an attacker to execute arbitrary shell commands. The vulnerability's impact is dependent on the user's 'shell' setting. This occurs when a Vimscript plugin passes untrusted user input into the `glob()` function.
**Recommendations**
Update to version 9.2.0202 or later.
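To check hosts against the recommendation above, the following added example (not part of the advisory or of Vim) decides from the text of `vim --version` whether a build predates 9.2.0202. It assumes the usual `VIM - Vi IMproved X.Y` banner and `Included patches:` line and that the fix ships as patch 202 of release 9.2; the sample outputs are constructed, and fixes backported by a distribution to an older release are not detected.

```python
import re

FIX_RELEASE = (9, 2)   # from the advisory: fixed in 9.2.0202
FIX_PATCH = 202        # assumption: the fix is patch 202 of release 9.2

# Constructed samples of the first lines of `vim --version` output.
SAMPLE_OLD = "VIM - Vi IMproved 9.1 (constructed sample)\nIncluded patches: 1-1230\n"
SAMPLE_GAP = "VIM - Vi IMproved 9.2 (constructed sample)\nIncluded patches: 1-201, 203-250\n"
SAMPLE_FIXED = "VIM - Vi IMproved 9.2 (constructed sample)\nIncluded patches: 1-202\n"


def parse_vim_version(text):
    """Return ((major, minor), [(first, last), ...]) from `vim --version` text."""
    m = re.search(r"VIM - Vi IMproved (\d+)\.(\d+)", text)
    if not m:
        raise ValueError("no Vim version banner found")
    release = (int(m.group(1)), int(m.group(2)))
    ranges = []
    p = re.search(r"^Included patches:\s*(.*)$", text, re.MULTILINE)
    if p:
        # Entries are either a range ("1-201") or a single patch ("203").
        for first, last in re.findall(r"(\d+)(?:-(\d+))?", p.group(1)):
            ranges.append((int(first), int(last or first)))
    return release, ranges


def is_affected(text):
    """True when the build predates 9.2.0202 or lacks patch 202 of 9.2."""
    release, ranges = parse_vim_version(text)
    if release != FIX_RELEASE:
        return release < FIX_RELEASE
    # Same release: the patch list can have gaps, so test membership rather
    # than comparing against the highest patch number.
    return not any(first <= FIX_PATCH <= last for first, last in ranges)


if __name__ == "__main__":
    samples = [("old", SAMPLE_OLD), ("gap", SAMPLE_GAP), ("fixed", SAMPLE_FIXED)]
    for name, sample in samples:
        print(name, "affected" if is_affected(sample) else "not affected")
```

On a real host, pass the captured output of `vim --version` to `is_affected()` in place of the samples.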