VDB

TNCVE-2026-39881

TNCVE-2026-39881 PUBLISHED

Vim is an open source, command line text editor. Prior to 9.2.0316, a command injection vulnerability in Vim's netbeans interface allows a malicious netbeans server to execute arbitrary Ex commands when Vim connects to it, via unsanitized strings in the defineAnnoType and specialKeys protocol messages. This vulnerability is fixed in 9.2.0316.

Timeline

  • Apr 8, 2026 CVE Published

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›