CVE-2026-47162 is a code injection vulnerability in Vim’s netrw plugin, specifically within the NetrwBookHistSave() function. A crafted directory name can trigger arbitrary Vimscript execution, potentially allowing an attacker to run malicious code in the context of the user running Vim. This is relevant to cloud environments where Vim is commonly used on Linux-based virtual machines and containers for editing configuration files.

Security Architect’s Take: Audit your Linux VM and container base images to identify Vim versions in use and apply vendor patches promptly. Consider enforcing policy to restrict or replace Vim with minimal editors in production environments where netrw functionality is unnecessary, reducing the attack surface.

Original advisory: CVE-2026-47162 Vim: Vimscript Code Injection in netrw NetrwBookHistSave() via crafted directory name