A high-severity vulnerability in the Vim text editor, tracked under GitHub Security Advisory GHSA-2gmj-rpqf-pxvh, allows an attacker to achieve full arbitrary OS command execution simply by persuading a user to open a specially crafted file. The flaw, disclosed on March 30, 2026, affects all Vim versions before 9.2.0272 and has been assigned CWE-78 (Improper Neutralization of Special Elements used in […] The post Vim Vulnerability Allows Arbitrary Command Execution via Malicious Files appeared first on Cyber Security News.