CVE-2026-59856 | Vim up to 9.1.x PHP Omni-Completion phpcomplete.vim search os command injection
A vulnerability marked as critical has been reported in Vim up to 9.1.x. Affected by this issue is the function Search of the file runtime/autoload/phpcomplete.vim of the component PHP Omni-Completion. Performing a manipulation results in os command injection.
This vulnerability is reported as CVE-2026-59856. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More