CVE-2026-47167 | Vim up to 9.2.495 Pattern cucumber.vim stepmatch code injection (GHSA-4473-94jm-w5x9)

A vulnerability classified as critical was found in Vim up to 9.2.495. This impacts the function stepmatch of the file runtime/ftplugin/cucumber.vim of the component Pattern Handler. Such manipulation leads to code injection.

This vulnerability is uniquely identified as CVE-2026-47167. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More