
A two-bug chain quietly sitting in Vim since version 9.1.1391 lets a malicious file execute arbitrary shell commands the moment you open it — no plugins, no extra clicks, no warning.
Security researcher Hung Nguyen of Calif.io disclosed a critical remote code execution (RCE) vulnerability in Vim on March 30, 2026, assigned CVE-2026-34714. What makes this find notable isn't just the severity — it's how it was uncovered: Nguyen credits Claude AI as the tool that helped surface the vulnerability chain.
Two Small Oversights, One Big Problem
The attack chains two separate flaws in Vim's option-handling and sandbox logic.
The first flaw lives in the tabpanel option. Unlike statusline and tabline — which carry the P_MLE security flag requiring modelineexpr to be explicitly enabled before accepting expression strings — tabpanel is missing that flag entirely. This means a modeline (a line of configuration instructions embedded at the bottom of any text file) can silently inject a %{expr} expression string into Vim without the user ever enabling the modelineexpr setting. Since modelines are on by default, practically every standard Vim installation is exposed.
The second flaw is in autocmd_add(), a function that registers autocommands (event-triggered actions). Vim does correctly detect the insecure expression and evaluates it inside a sandbox — but autocmd_add() contains no check_secure() call. That omission means sandboxed code can register an autocommand that fires after the sandbox exits, effectively escaping Vim's own security boundary.
The result: a crafted file can force the tab panel visible, inject an expression, register a SafeStateAgain autocommand via the sandbox escape, and execute an arbitrary shell command — all with the full privileges of whoever is running Vim.
Nguyen reported the flaw to the Vim maintainers, and the team shipped a fix the following day. The advisory itself doubles as a proof-of-concept, with the exploit payload embedded in the document's own modeline.
Update Vim to v9.2.0272 immediately. If you cannot patch right away, disable modelines by adding set nomodeline to your .vimrc. Builds compiled with FEAT_HUGE — the default for most distributions — are affected. Versions prior to 9.1.1391 are not affected.
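To check whether an installed Vim falls inside the affected window described above, here is an added example (not code from the advisory or the Vim project). It assumes the standard `vim --version` banner format and, following the write-up, that only builds reporting "Huge version" count as affected.

```python
import re
import subprocess

# Version window as stated in the write-up: affected from 9.1.1391, fixed in 9.2.0272.
FIRST_AFFECTED = (9, 1, 1391)
FIXED_IN = (9, 2, 272)

VERSION_RE = re.compile(r"VIM - Vi IMproved (\d+)\.(\d+)")
PATCHES_RE = re.compile(r"^Included patches:\s*(.+)$", re.MULTILINE)

# Constructed `vim --version` excerpts used as test input (not real captured output).
SAMPLE_AFFECTED = (
    "VIM - Vi IMproved 9.1 (2024 Jan 02, compiled Jan 15 2025 10:00:00)\n"
    "Included patches: 1-1391\n"
    "Huge version without GUI.  Features included (+) or not (-):\n"
)
SAMPLE_FIXED = (
    "VIM - Vi IMproved 9.2 (2026 Jan 01, compiled Apr 01 2026 08:00:00)\n"
    "Included patches: 1-272\n"
    "Huge version without GUI.  Features included (+) or not (-):\n"
)

def parse_vim_version(output: str) -> tuple:
    """Turn `vim --version` text into (major, minor, highest_patch)."""
    m = VERSION_RE.search(output)
    if not m:
        raise ValueError("not vim --version output")
    patch = 0
    p = PATCHES_RE.search(output)
    if p:
        # The list reads "1-1391" or "1-1391, 1400"; the largest number is the level.
        patch = max(int(n) for n in re.findall(r"\d+", p.group(1)))
    return (int(m.group(1)), int(m.group(2)), patch)

def is_huge_build(output: str) -> bool:
    """FEAT_HUGE builds print 'Huge version' in their --version banner."""
    return "Huge version" in output

def is_affected(output: str) -> bool:
    """Affected only for a huge build whose version falls inside the window."""
    return is_huge_build(output) and FIRST_AFFECTED <= parse_vim_version(output) < FIXED_IN

if __name__ == "__main__":
    out = subprocess.run(["vim", "--version"], capture_output=True, text=True).stdout
    major, minor, patch = parse_vim_version(out)
    print(f"vim {major}.{minor}.{patch:04d} huge={is_huge_build(out)} affected={is_affected(out)}")
```

A distribution may backport the fix without raising the patch level, so treat a positive result as a prompt to check the vendor changelog rather than as proof the build is still exploitable.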