A vulnerability, which was classified as critical , was found in vim up to 9.2.0201 . This issue affects the function glob . Such manipulation leads to os command injection. This vulnerability is traded as CVE-2026-33412 . An attack has to be approached locally. There is no exploit available. You should upgrade the affected component.