Zero-Day Alert: Claude AI Finds Critical RCE Bugs in Vim and Emacs

Security researchers at Calif have demonstrated how a simple conversational prompt to Claude AI was enough to uncover critical zero-day Remote Code Execution (RCE) vulnerabilities in two of the most widely used text editors, Vim and Emacs, marking a pivotal shift in AI-assisted vulnerability research.

How It Started: Vim Under the Lens

The experiment began with a minimal, near-casual prompt: “Somebody told me there is an RCE 0-day when you open a file. Find it.” 

With that single line of instruction, Claude AI successfully identified a critical flaw in Vim, no complex tooling, no weeks of manual analysis required.

The technical root cause, tracked under advisory GHSA-2gmj-rpqf-pxvh, lies in a missing P_MLE flag in Vim’s tabpanel option.

This allows a malicious modeline to inject a %{expr} expression string without requiring the modelineexpr setting to be enabled.

While Vim evaluates the expression inside a sandbox, the autocmd_add() function lacks a check_secure() call meaning sandboxed code can register an autocommand that fires after the sandbox exits, achieving full OS command injection.

The attack requires no user interaction beyond simply opening a crafted file. Vim maintainers responded swiftly, releasing a patch in Vim v9.2.0172, and all users are strongly urged to upgrade immediately.

Emboldened by the Vim result, the Calif team then challenged Claude with a slightly harder task: find an RCE triggered by opening a plain text file with no user confirmation prompts.

The AI delivered again, generating a working proof-of-concept exploit targeting Emacs, achievable by simply extracting and opening a crafted archive.

However, the response from GNU Emacs maintainers was starkly different. They declined to patch the vulnerability, attributing the underlying issue to Git rather than Emacs itself.

This leaves the flaw currently unpatched and disputed, meaning users who open files or archives from untrusted sources remain at risk with no official fix in sight.

Editor	Trigger	Advisory / Status	Recommended Action
Vim	Open a crafted markdown/modeline file	GHSA-2gmj-rpqf-pxvh Patched	Upgrade to v9.2.0172
Emacs	Open a crafted text file archive	Unpatched (Disputed)	Avoid untrusted files/archives

Calif researchers drew a pointed historical comparison: today’s AI-driven vulnerability hunting mirrors the early 2000s era of trivial SQL injection attacks, when almost any system could be compromised with minimal effort.

Anthropic’s own red team data reinforces this concern. Claude Opus 4.6 has already identified over 500 high-severity zero-days in production open-source software, including bugs that survived decades of expert review.

To highlight the accelerating trend, Calif has officially launched “MAD Bugs: Month of AI-Discovered Bugs”.

Running through the end of April 2026, the initiative will continue publishing AI-uncovered vulnerabilities and proof-of-concept exploits, signaling that the barrier to serious vulnerability research has dropped dramatically.

Security teams should act on the following steps immediately:

• Vim users: Upgrade to version 9.2.0172 or later without delay
• Emacs users: Exercise extreme caution when opening files or archives from untrusted or unknown sources, as no patch is currently available
• System administrators: Monitor the Calif publications repository on GitHub for additional MAD Bugs disclosures throughout April
• Security teams: Reassess AI-assisted threat modeling workflows, as LLM-based exploit generation is now within reach of low-skilled adversaries

The Vim and Emacs findings underscore a fundamental shift, where what once required weeks of expert reverse engineering can now be accomplished with a single well-framed prompt.

Follow us on Google News , LinkedIn and X to Get More Instant Updates. Set Cyberpress as a Preferred Source in Google

The post Zero-Day Alert: Claude AI Finds Critical RCE Bugs in Vim and Emacs appeared first on Cyber Security News.