VDB

TNCVE-2026-34714

TNCVE-2026-34714 PUBLISHED

Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because %{expr} injection occurs with tabpanel lacking P_MLE.

Timeline

  • Mar 30, 2026 CVE Published

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›