Claude AI finds Vim, Emacs RCE bugs that trigger on file open
Summary
Claude AI helped discover remote code execution (RCE, where attackers can run commands on a system they don't own) vulnerabilities in Vim and GNU Emacs text editors that trigger simply by opening a malicious file. In Vim, the issue involved improper security checks in modeline handling (special instructions at the start of a file), while in GNU Emacs, the vulnerability exploits automatic Git operations that run user-defined programs from untrusted configuration files.
Solution / Mitigation
For Vim: A patch was released in version 9.2.0272 that addresses the vulnerability (all versions 9.2.0271 and earlier are affected). For GNU Emacs: The maintainers have not patched the issue, but the researcher suggested that GNU Emacs could modify Git calls to explicitly block 'core.fsmonitor' to prevent dangerous scripts from executing automatically. Until a patch is released, users are advised to exercise caution when opening files from unknown sources or downloaded online.
Classification
Affected Vendors
Related Issues
Original source: https://www.bleepingcomputer.com/news/security/claude-ai-finds-vim-emacs-rce-bugs-that-trigger-on-file-open/
First tracked: March 31, 2026 at 08:00 PM
Classified by LLM (prompt v3) · confidence: 85%