oss-sec mailing list archives

Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272


From: Tianyu Chen <sweetyfish () deepin org>
Date: Thu, 2 Apr 2026 15:47:48 +0800

On Thu, Apr 02, 2026 at 09:25:58AM +0200, Christian Brabandt wrote:

Sorry for being potentially off-topic, but I am wondering if I am doing 
something wrong here. Did anybody request a CVE for this? I got a 
notification from Github Support (after 10 hours or so) that they cannot 
assign a CVE for this, as there was already one assigned.

I typically hit the *Request CVE* button before I publish an advisory 
and send out the notifications, and usually github assigns those pretty 
fast, but not this time.

Does anybody here know how this works? Or did I do something wrong?

Isn't it CVE-2026-34714? I saw it noted on
https://github.com/vim/vim/security/advisories/GHSA-2gmj-rpqf-pxvh.

Best regards,
Tianyu Chen @ deepin


Current thread: