CVE-2026-47162 | vim up to 9.2.494 Directory netrw.vim NetrwBookHistSave injection (GHSA-crm5-rh6j-2c7c)

A vulnerability was found in vim up to 9.2.494. It has been declared as critical. The impacted element is the function NetrwBookHistSave of the file runtime/pack/dist/opt/netrw/autoload/netrw.vim of the component Directory Handler. Executing a manipulation can lead to injection.

This vulnerability is tracked as CVE-2026-47162. The attack can be launched remotely. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More