{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2026-34714", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "state": "PUBLISHED", "assignerShortName": "mitre", "dateReserved": "2026-03-30T18:27:55.398Z", "datePublished": "2026-03-30T18:27:55.752Z", "dateUpdated": "2026-03-31T03:55:41.253Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Vim", "vendor": "Vim", "versions": [{"lessThan": "9.2.0272", "status": "affected", "version": "0", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because %{expr} injection occurs with tabpanel lacking P_MLE."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 9.2, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-30T18:40:41.801Z"}, "references": [{"url": "https://www.openwall.com/lists/oss-security/2026/03/30/3"}, {"url": "https://github.com/vim/vim/security/advisories/GHSA-2gmj-rpqf-pxvh"}, {"url": "https://github.com/vim/vim/commit/664701eb7576edb7c7c7d9f2d600815ec1f43459"}, {"url": "https://github.com/vim/vim/releases/tag/v9.2.0272"}], "x_generator": {"engine": "CVE-Request-form 0.0.1"}, "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*", "versionEndExcluding": "9.2.0272"}]}]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-30T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-34714"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T03:55:41.253Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-34714", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-30T18:53:07.493711Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-30T18:53:39.611Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.2, "attackVector": "LOCAL", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Vim", "product": "Vim", "versions": [{"status": "affected", "version": "0", "lessThan": "9.2.0272", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.openwall.com/lists/oss-security/2026/03/30/3"}, {"url": "https://github.com/vim/vim/security/advisories/GHSA-2gmj-rpqf-pxvh"}, {"url": "https://github.com/vim/vim/commit/664701eb7576edb7c7c7d9f2d600815ec1f43459"}, {"url": "https://github.com/vim/vim/releases/tag/v9.2.0272"}], "x_generator": {"engine": "CVE-Request-form 0.0.1"}, "descriptions": [{"lang": "en", "value": "Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because %{expr} injection occurs with tabpanel lacking P_MLE."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "9.2.0272"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-30T18:40:41.801Z"}}}, "cveMetadata": {"cveId": "CVE-2026-34714", "state": "PUBLISHED", "dateUpdated": "2026-03-31T03:55:41.253Z", "dateReserved": "2026-03-30T18:27:55.398Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-30T18:27:55.752Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because %{expr} injection occurs with tabpanel lacking P_MLE."}], "id": "CVE-2026-34714", "lastModified": "2026-03-30T19:16:26.853", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 9.2, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 6.0, "source": "cve@mitre.org", "type": "Secondary"}]}, "published": "2026-03-30T19:16:26.853", "references": [{"source": "cve@mitre.org", "url": "https://github.com/vim/vim/commit/664701eb7576edb7c7c7d9f2d600815ec1f43459"}, {"source": "cve@mitre.org", "url": "https://github.com/vim/vim/releases/tag/v9.2.0272"}, {"source": "cve@mitre.org", "url": "https://github.com/vim/vim/security/advisories/GHSA-2gmj-rpqf-pxvh"}, {"source": "cve@mitre.org", "url": "https://www.openwall.com/lists/oss-security/2026/03/30/3"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "cve@mitre.org", "type": "Primary"}]}

{"bugzilla": {"description": "vim: Vim: Arbitrary code execution via crafted file", "id": "2453139", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453139"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.6", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-917", "details": ["A flaw was found in Vim. This vulnerability allows an attacker to execute malicious code on a user's system. This occurs when a user opens a specially crafted file, leading to immediate code execution due to a vulnerability in how Vim handles expressions within its tabpanel feature."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2026-34714", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "vim", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "vim", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "vim", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "vim", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "vim", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "rhcos", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2026-03-30T18:27:55Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-34714\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-34714\nhttps://github.com/vim/vim/commit/664701eb7576edb7c7c7d9f2d600815ec1f43459\nhttps://github.com/vim/vim/releases/tag/v9.2.0272\nhttps://github.com/vim/vim/security/advisories/GHSA-2gmj-rpqf-pxvh\nhttps://www.openwall.com/lists/oss-security/2026/03/30/3"], "threat_severity": "Important"}

{}