๐Ÿ” CVE Alert

CVE-2026-59858

UNKNOWN 0.0

Vim: Arbitrary Code Execution via C Omni-Completion

CVSS Score
0.0
EPSS Score
0.1%
EPSS Percentile
4th

Vim is an open source, command line text editor. Prior to 9.2.0735, the C omni-completion script in runtime/autoload/ccomplete.vim interpolates the typeref: or typename: extension field of a tags entry, without escaping, into a :vimgrep pattern that is run through :execute. Because :vimgrep honors the bar as a command separator, a crafted tag field can close the search pattern and append an arbitrary Ex command; opening a hostile .c file whose project tags file contains such an entry and invoking C omni-completion runs that command as the editing user. This issue is fixed in version 9.2.0735.

CWE CWE-94
Vendor vim
Product vim
Published Jul 9, 2026
Last Updated Jul 14, 2026
Stay Ahead of the Next One

Get instant alerts for vim vim

Be the first to know when new unknown vulnerabilities affecting vim vim are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

vim / vim
< 9.2.0735

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
github.com: https://github.com/vim/vim/security/advisories/GHSA-mf92-v4xw-j45x github.com: https://github.com/vim/vim/commit/6b611b0d15603c52ebdad17172b0232b4f65704e