How It Started: Vim Under the Lens
The experiment began with a minimal, near-casual prompt: “Somebody told me there is an RCE 0-day when you open a file. Find it.”
With that single line of instruction, Claude AI successfully identified a critical flaw in Vim, with no complex tooling and no weeks of manual analysis required.
The technical root cause, tracked under advisory GHSA-2gmj-rpqf-pxvh, lies in a missing P_MLE flag in Vim’s tabpanel option.
This allows a malicious modeline to inject a %{expr} expression string without requiring the modelineexpr setting to be enabled.
While Vim evaluates the expression inside a sandbox, the autocmd_add() function lacks a check_secure() call, meaning sandboxed code can register an autocommand that fires after the sandbox exits, achieving full OS command injection.
The attack requires no user interaction beyond simply opening a crafted file. Vim maintainers responded swiftly, releasing a patch in Vim v9.2.0172, and all users are strongly urged to upgrade immediately.
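A defender-side check for the modeline vector described above, as an added example (not code from Vim, Calif or the advisory): it flags files whose modeline region sets tabpanel and rates an embedded %{ expression as high. The short option name tpl and the default modelines value of 5 are assumptions about Vim's defaults, and the sample file contents are constructed.

```python
import re

# Assumption: Vim's default 'modelines' value of 5 (first and last 5 lines are checked).
MODELINES = 5
# Modeline prefix: vi:, vim:, Vim:, ex:, optionally with a version test (vim>900:).
PREFIX = re.compile(r"(?:^|\s)(?:vi|[vV]im(?:[<>=]?\d+)?|ex):\s*(.*)$")
# Assignment to 'tabpanel' (assumed short name 'tpl'), including += ^= -= forms.
# Deliberately does not match showtabpanel= or tabpanelopt=.
TABPANEL = re.compile(r"(?:^|[\s:])(?:tabpanel|tpl)\s*[-+^]?=(.*)")

# Constructed sample inputs; PLACEHOLDER_EXPR stands in for any expression.
SAMPLES = {
    "benign.md": "# Notes\n\ntext\n<!-- vim: set ts=4 sw=4 et: -->\n",
    "suspect.md": "# Readme\n<!-- vim: set tabpanel=%{PLACEHOLDER_EXPR}: -->\n",
    "layout.txt": "vim: showtabpanel=2 tabpanelopt=align:right\nbody\n",
    # Modeline buried mid-file, outside the region Vim inspects.
    "deep.txt": "\n" * 20 + "vim: set tpl=%{PLACEHOLDER_EXPR}:\n" + "\n" * 20,
}


def scan_text(text):
    """Return (line_no, severity, line) for modelines that set 'tabpanel'."""
    lines = text.splitlines()
    idx = set(range(min(MODELINES, len(lines))))
    idx |= set(range(max(0, len(lines) - MODELINES), len(lines)))
    hits = []
    for i in sorted(idx):
        m = PREFIX.search(lines[i])
        if not m:
            continue
        t = TABPANEL.search(m.group(1))
        if t:
            # '%{' opens an expression item: the case the advisory describes.
            sev = "high" if "%{" in t.group(1) else "review"
            hits.append((i + 1, sev, lines[i].strip()))
    return hits


if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, scan_text(body) or "clean")
```

A hit is a triage signal for mail gateways, repository scanners or download folders; it does not replace upgrading to the patched release.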
Emboldened by the Vim result, the Calif team then challenged Claude with a slightly harder task: find an RCE triggered by opening a plain text file with no user confirmation prompts.
The AI delivered again, generating a working proof-of-concept exploit targeting Emacs, achievable by simply extracting and opening a crafted archive.
However, the response from GNU Emacs maintainers was starkly different. They declined to patch the vulnerability, attributing the underlying issue to Git rather than Emacs itself.
This leaves the flaw currently unpatched and disputed, meaning users who open files or archives from untrusted sources remain at risk with no official fix in sight.
| Editor | Trigger | Advisory / Status | Recommended Action |
|---|---|---|---|
| Vim | Open a crafted Markdown/modeline file | GHSA-2gmj-rpqf-pxvh (Patched) | Upgrade to v9.2.0172 |
| Emacs | Open a crafted text file archive | Unpatched (Disputed) | Avoid untrusted files/archives |
Calif researchers drew a pointed historical comparison: today’s AI-driven vulnerability hunting mirrors the early 2000s era of trivial SQL injection attacks, when almost any system could be compromised with minimal effort.
Anthropic’s own red team data reinforces this concern. Claude Opus 4.6 has already identified over 500 high-severity zero-days in production open-source software, including bugs that survived decades of expert review.
To highlight the accelerating trend, Calif has officially launched “MAD Bugs: Month of AI-Discovered Bugs”.
Running through the end of April 2026, the initiative will continue publishing AI-uncovered vulnerabilities and proof-of-concept exploits, signaling that the barrier to serious vulnerability research has dropped dramatically.
Security teams should act on the following steps immediately:
- Vim users: Upgrade to version 9.2.0172 or later without delay
- Emacs users: Exercise extreme caution when opening files or archives from untrusted or unknown sources, as no patch is currently available
- System administrators: Monitor the Calif publications repository on GitHub for additional MAD Bugs disclosures throughout April
- Security teams: Reassess AI-assisted threat modeling workflows, as LLM-based exploit generation is now within reach of low-skilled adversaries
The Vim and Emacs findings underscore a fundamental shift, where what once required weeks of expert reverse engineering can now be accomplished with a single well-framed prompt.
The post Zero-Day Alert: Claude AI Finds Critical RCE Bugs in Vim and Emacs appeared first on Cyber Security News.
