Vimscript Code Injection Vulnerability in Vim's netrw Plugin
CVE-2026-47162
7.3 HIGH
What is CVE-2026-47162?
A code injection vulnerability exists in the netrw plugin of Vim: a crafted directory name can break out of a string literal in Vimscript. This occurs in the s:NetrwBookHistSave() function when it saves browsed directory paths to the history file. If triggered, the malicious directory name can execute arbitrary Vimscript or shell commands when the history file is sourced at a later time. This vulnerability has been addressed in version 9.2.0495.
Affected Version(s)
vim < 9.2.0495
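A defensive check for the string-literal breakout described above, as an added example that is not Vim's or netrw's own code: it audits saved history entries for values that are not exactly one single-quoted literal, and shows a quoting routine that doubles embedded single quotes. The `let g:netrw_dirhist_N='...'` line shape, the function names and the sample lines are assumptions constructed for illustration.

```python
import re

# Assumed shape of a saved history entry (not taken from the advisory):
#   let g:netrw_dirhist_<N>='<directory path>'
ENTRY = re.compile(r"^let\s+g:netrw_dirhist_(\d+)\s*=\s*(.*)$")

# One complete Vimscript single-quoted literal. Inside such a literal the
# only escape is a doubled quote (''), so any lone ' ends the string.
LITERAL = re.compile(r"'(?:[^']|'')*'")


def quote_vim_literal(path):
    """Serialise path as one single-quoted Vimscript literal."""
    if any(ord(ch) < 0x20 for ch in path):
        # A newline or other control character cannot sit inside a
        # one-line literal, so refuse instead of writing a broken entry.
        raise ValueError("control character in path")
    return "'" + path.replace("'", "''") + "'"


def audit_history(text):
    """Return (line_no, reason) for history entries that are not one literal.

    Only dirhist entries are audited; other lines are ignored.
    """
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        match = ENTRY.match(line)
        if match and not LITERAL.fullmatch(match.group(2).rstrip()):
            findings.append((line_no, "value is not a single string literal"))
    return findings


# Constructed sample: line 4 holds a directory name with an apostrophe that
# was written without escaping, so the literal ends early and text trails it.
SAMPLE = "\n".join([
    "let g:netrw_dirhistmax  =10",
    "let g:netrw_dirhistcnt =2",
    "let g:netrw_dirhist_1='/home/user/src'",
    "let g:netrw_dirhist_2='/home/user/it's here'",
])

if __name__ == "__main__":
    for line_no, reason in audit_history(SAMPLE):
        print(f"line {line_no}: {reason}")
    print(quote_vim_literal("/home/user/it's here"))
```

Any flagged line means the file should not be sourced until the entry is removed or rewritten with proper quoting.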
