CyberRota
← Ana sayfaya dön

CVE-2026-47162

HIGH · CVSS 8.8 EPSS %0.27 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-11T19:16:44.160 · Çekilme zamanı: 2026-06-30T12:17:31.284413+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

GitHub PoC Linkleri
github.com github.com github.com

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-47162
Severity
HIGH
CVSS
8.8
EPSS
%0.27

Orijinal NVD Açıklaması

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave() in the netrw plugin (runtime/pack/dist/opt/netrw/autoload/netrw.vim) when serializing browsed directory paths to the history file ~/.vim/.netrwhist. A directory name derived from the filesystem is interpolated into a single-quoted Vimscript string literal without escaping embedded single quotes, allowing a crafted directory name to break out of the string context and execute arbitrary Vimscript, including shell commands via system() and :!, the next time the history file is sourced. This issue has been patched in version 9.2.0495.