Srixivas

**Name of the Vulnerable Software and Affected Versions** Vim versions prior to 9.2.0357 **Description** Command injection occurs during tag file processing. When resolving a tag, the filename field from the tags file undergoes wildcard expansion to resolve environment variables and wildcards. If this field contains backtick syntax, such as `command`, the embedded command is executed via the system shell with the full privileges of the running user. **Recommendations** Update to version 9.2.0357 or later.