PT-2026-38684 · Vim+2 · Vim+2

Q1Uf3Ng

Published

2026-05-03

Updated

2026-06-23

CVE-2026-44656

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0435

Description An OS command injection issue exists in the :find command-line completion. When the path option contains shell commands enclosed in backticks, these commands are executed during file name completion. Since the path option lacks the P SECURE flag, it can be modified via a modeline. This allows an attacker who controls a file's content to execute arbitrary shell commands if a user opens that file and triggers the :find completion.

Recommendations Update to version 9.2.0435.

Exploit

Fix

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

BDU:2026-06512

CVE-2026-44656

ECHO-DBB6-47A0-A981

OESA-2026-2447

OESA-2026-2448

OESA-2026-2449

OESA-2026-2450

OESA-2026-2472

OPENSUSE-SU-2026:11114-1

SUSE-SU-2026:2313-1

USN-8304-1

Affected Products

Linuxmint

Ubuntu

Vim

PT-2026-38684 · Vim+2 · Vim+2

CVE-2026-44656

Weakness Enumeration

Related Identifiers

Affected Products

References · 55