{
  "threat_severity" : "Important",
  "public_date" : "2026-03-30T18:27:55Z",
  "bugzilla" : {
    "description" : "vim: Vim: Arbitrary code execution via crafted file",
    "id" : "2453139",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2453139"
  },
  "cvss3" : {
    "cvss3_base_score" : "8.6",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
    "status" : "draft"
  },
  "cwe" : "CWE-917",
  "details" : [ "Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because %{expr} injection occurs with tabpanel lacking P_MLE.", "A flaw was found in Vim. This vulnerability allows an attacker to execute malicious code on a user's system. This occurs when a user opens a specially crafted file, leading to immediate code execution due to a vulnerability in how Vim handles expressions within its tabpanel feature." ],
  "statement" : "The vulnerable functionality (tabpanel) was introduced in upstream Vim beginning with patch 9.1.1391. The versions of Vim provided in RHEL, including RHEL 10 (9.1.083) and earlier releases, are based on versions prior to this change and do not include the affected code. As a result, Red Hat Enterprise Linux is not impacted.",
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "vim",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "vim",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "vim",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "vim",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "vim",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "rhcos",
    "cpe" : "cpe:/a:redhat:openshift:4"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-34714\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-34714\nhttps://github.com/vim/vim/commit/664701eb7576edb7c7c7d9f2d600815ec1f43459\nhttps://github.com/vim/vim/releases/tag/v9.2.0272\nhttps://github.com/vim/vim/security/advisories/GHSA-2gmj-rpqf-pxvh\nhttps://www.openwall.com/lists/oss-security/2026/03/30/3" ],
  "name" : "CVE-2026-34714",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}