PatchSiren cyber security CVE debrief
CVE-2026-33412 vim CVE debrief
CVE-2026-33412 is a command injection vulnerability in Vim's glob() function on Unix-like systems. It allows an attacker to execute arbitrary shell commands by including a newline character (\n) in a pattern passed to glob(). The vulnerability's impact depends on the user's 'shell' setting. Vim version 9.2.0202 patches this issue. Users should update to this version or apply mitigations to prevent exploitation. The vulnerability has a CVSS score of 5.6 and is considered medium severity.
- Vendor: vim
- Product: Unknown
- CVSS: MEDIUM 5.6
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-03-24
- Original CVE updated: 2026-06-30
- Advisory published: 2026-03-24
- Advisory updated: 2026-06-30
Who should care
Users of Vim on Unix-like systems should be aware of this vulnerability. Specifically, developers and administrators using Vim for development or editing tasks should check their systems for exposure and update to version 9.2.0202 or apply compensating controls. Red Hat users can refer to errata RHSA-2026:10065 and others for specific guidance.
Technical summary
CVE-2026-33412 is a command injection vulnerability in the glob() function of Vim, a popular open-source command-line text editor. The vulnerability exists on Unix-like systems and is due to improper handling of newline characters in patterns passed to glob(). An attacker could exploit this by crafting a malicious pattern that, when processed by Vim, executes arbitrary shell commands. The vulnerability's impact is dependent on the user's shell configuration. This issue has been addressed in Vim version 9.2.0202. The Common Vulnerability Scoring System (CVSS) score for this vulnerability is 5.6, indicating medium severity.
Defensive priority
- Apply the patch: update Vim to version 9.2.0202 or later.
- Restrict access: limit access to Vim on Unix-like systems, especially in multi-user environments.
- Monitor for suspicious activity: regularly review system logs for signs of exploitation attempts.
Recommended defensive actions
- Update Vim to version 9.2.0202 or later.
- Restrict access to Vim on Unix-like systems, especially in multi-user environments.
- Monitor system logs for signs of exploitation attempts.
- Apply compensating controls, such as SELinux or AppArmor policies, to restrict Vim's capabilities.
- Regularly review and update vulnerability management processes to ensure timely patching of critical systems.
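The exposure check the advisory asks for (is the installed Vim at or above 9.2.0202?) can be scripted from `vim --version` output. This is an added example, not code from the advisory or from the Vim project; it assumes the usual layout of that output (a first line such as "VIM - Vi IMproved 9.2 (...)" and a line "Included patches: 1-202", where ranges may be comma-separated), and the sample outputs below are constructed, not real captures.

```python
"""Exposure check for CVE-2026-33412 from `vim --version` output."""
import re
import subprocess
from typing import Optional, Tuple

# Version that carries the fix, per the advisory: 9.2 with patch level 202.
FIXED_IN = (9, 2, 202)


def parse_vim_version(text: str) -> Tuple[int, int, int]:
    """Return (major, minor, highest included patch) from `vim --version` text."""
    m = re.search(r"Vi IMproved (\d+)\.(\d+)", text)
    if not m:
        raise ValueError("could not find the Vim version line")
    major, minor = int(m.group(1)), int(m.group(2))
    patch = 0
    pm = re.search(r"Included patches:\s*([0-9, -]+)", text)
    if pm:
        # Ranges like "1-150, 152-202": the highest right-hand number is the patch level.
        for rng in pm.group(1).split(","):
            rng = rng.strip()
            if rng:
                patch = max(patch, int(rng.split("-")[-1]))
    return (major, minor, patch)


def is_patched(text: str) -> bool:
    """True when the reported version is 9.2.0202 or later (tuple comparison)."""
    return parse_vim_version(text) >= FIXED_IN


def check_local_vim() -> Optional[bool]:
    """Run `vim --version` on this host; None if no vim binary is on PATH."""
    try:
        proc = subprocess.run(["vim", "--version"], capture_output=True, text=True, check=False)
    except FileNotFoundError:
        return None
    return is_patched(proc.stdout)


# Constructed sample outputs (not real captures) used for a self-check below.
SAMPLE_OLD = "VIM - Vi IMproved 9.1 (2024 Jan 02, compiled Feb  1 2026 10:00:00)\nIncluded patches: 1-1200\n"
SAMPLE_FIXED = "VIM - Vi IMproved 9.2 (2026 Mar 01, compiled Mar 25 2026 10:00:00)\nIncluded patches: 1-150, 152-202\n"

if __name__ == "__main__":
    for name, sample in (("old", SAMPLE_OLD), ("fixed", SAMPLE_FIXED)):
        print(name, parse_vim_version(sample), "patched" if is_patched(sample) else "VULNERABLE")
    print("local vim patched:", check_local_vim())
```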
Evidence notes
The CVE-2026-33412 vulnerability was publicly disclosed on March 24, 2026. The vulnerability was patched in Vim version 9.2.0202. Multiple sources, including the NVD and Red Hat, have documented this vulnerability and provided guidance on mitigation. The CVSS score for this vulnerability is 5.6, indicating medium severity.
Official resources
- CVE-2026-33412 CVE record (CVE.org)
- CVE-2026-33412 NVD detail (NVD)
This article is AI-assisted and based on the supplied source corpus.