oss-sec mailing list archives

Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272

From: Christian Brabandt <cb () 256bit org>
Date: Thu, 2 Apr 2026 09:25:58 +0200


On Mo, 30 Mär 2026, Christian Brabandt wrote:

Vim tabpanel modeline escape affects Vim < 9.2.0272
===================================================
Date: 30.03.2026
Severity: High
CVE: *not yet assigned*


Sorry for being potentially off-topic, but I am wondering if I am doing 
something wrong here. Did anybody request a CVE for this? I got a 
notification from Github Support (after 10 hours or so) that they cannot 
assign a CVE for this, as there was already one assigned.

I typically hit the *Request CVE* button before I publish an advisory 
and send out the notifications, and usually github assigns those pretty 
fast, but not this time.

Does anybody here know how this works? Or did I do something wrong?

Best,
Christian
-- 
Frauen vereinfachen unseren Schmerz, verdoppeln unsere Freude und
verdreifachen unsere Ausgaben.
                -- James Saunders

Current thread:

Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Christian Brabandt (Apr 01)
- Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 David A. Wheeler (Apr 02)
  - Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Christian Brabandt (Apr 02)
    - Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Solar Designer (Apr 02)
- <Possible follow-ups>
- Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Christian Brabandt (Apr 02)
  - Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Tianyu Chen (Apr 02)
    - Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Christian Brabandt (Apr 02)
    - Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Salvatore Bonaccorso (Apr 03)