CVE-2026-34714 on CTRL-OS 24.05

Packages: vim

Status: In Progress

CVE Information

Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because %{expr} injection occurs with tabpanel lacking P_MLE.

Updates

2026-04-02 00:25 CEST

Metadata changes:

Status for package vim: “In Progress”

2026-04-02 00:23 CEST

Metadata changes:

Status: Plausible