Skip to main content

Vim CVE-2026-39881

| EUVD-2026-20622 MEDIUM
Code Injection (CWE-94)
2026-04-08 GitHub_M
RCE Command Injection Code Injection Vim
5.0
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
5.0 MEDIUM
AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:N
SUSE
3.1 LOW
AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:N
Red Hat
5.0 MEDIUM
qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:N
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
High
Availability
None

Lifecycle Timeline

4
Patch available
Apr 16, 2026 - 05:29 EUVD
9.2.0316
EUVD ID Assigned
Apr 08, 2026 - 20:46 euvd
EUVD-2026-20622
Analysis Generated
Apr 08, 2026 - 20:46 vuln.today
CVE Published
Apr 08, 2026 - 20:18 nvd
MEDIUM 5.0

DescriptionGitHub Advisory

Vim is an open source, command line text editor. Prior to 9.2.0316, a command injection vulnerability in Vim's netbeans interface allows a malicious netbeans server to execute arbitrary Ex commands when Vim connects to it, via unsanitized strings in the defineAnnoType and specialKeys protocol messages. This vulnerability is fixed in 9.2.0316.

AnalysisAI

Vim 9.2.0315 and earlier contains a command injection vulnerability in the netbeans interface that allows a malicious netbeans server to execute arbitrary Ex commands via unsanitized strings in defineAnnoType and specialKeys protocol messages. An authenticated local attacker with user-level privileges and ability to interact with a netbeans connection can achieve code execution with the privileges of the Vim process. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment The CVSS 5.0 score reflects a localized attack vector (AV:L), high attack complexity (AC:H), and requirement for low user privileges and user interaction (PR:L/UI:R), resulting in low confidentiality impact but high integrity impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker sets up a malicious netbeans server and convinces a local user to connect Vim to it (via a crafted network configuration or social engineering). When Vim connects, the attacker sends a specially crafted defineAnnoType or specialKeys message containing Ex command metacharacters. …
Remediation Upgrade Vim to version 9.2.0316 or later, which contains the upstream fix committed at https://github.com/vim/vim/commit/7ab76a86048ed492374ac6b19. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-47162 HIGH
7.3 Jun 11

Vimscript code injection in the netrw plugin shipped with Vim before 9.2.0495 allows attackers who can plant or have a v
CVE-2026-52859 MEDIUM
6.9 Jun 11

Out-of-bounds read in Vim's built-in terminal emulator (`:terminal` feature) prior to version 9.2.0565 allows a program

CVE-2026-47167 MEDIUM
5.1 Jun 11

Code injection via unsanitized step-definition patterns in Vim's cucumber filetype plugin allows arbitrary Ruby and shel

Vendor StatusVendor

SUSE

Severity: Low
Product Status
SLES15-SP5-CHOST-BYOS-SAP-CCloud Fixed
SLES15-SP6-CHOST-BYOS Fixed
SLES15-SP6-CHOST-BYOS-Aliyun Fixed
SLES15-SP6-CHOST-BYOS-Azure Fixed
SLES15-SP6-CHOST-BYOS-EC2 Fixed

Share

CVE-2026-39881 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy