CVE-2026-47162

CVE Details

Release Date:2026-06-11
Impact:Important What is this?

Description


Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave() in the netrw plugin (runtime/pack/dist/opt/netrw/autoload/netrw.vim) when serializing browsed directory paths to the history file ~/.vim/.netrwhist. A directory name derived from the filesystem is interpolated into a single-quoted Vimscript string literal without escaping embedded single quotes, allowing a crafted directory name to break out of the string context and execute arbitrary Vimscript, including shell commands via system() and :!, the next time the history file is sourced. This issue has been patched in version 9.2.0495.

See more information about CVE-2026-47162 from MITRE CVE dictionary and NIST NVD


NOTE: The following CVSS metrics and score provided are preliminary and subject to review.


CVSS v3 metrics

Base Score: 7.3
Vector String: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Version: 3.1
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High

Errata information


PlatformErrataRelease Date
Oracle Linux version 8 (vim) ELSA-2026-385102026-07-13
Oracle Linux version 9 (vim) ELSA-2026-385112026-07-14


This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

software.hardware.complete