Security expert Armin Razmjou recently detected a high-risk arbitrary OS command execution vulnerability (CVE-2019-12735) in Vim and Neovim.
For those unaware, Vim and Neovim are two most popular and powerful command-line text editing applications that come pre-installed in most of the Linux distros. Vim is a text editor that allows users to create, view or edit any file, including text, documents, and programming scripts. On the other hand, Neovim is a fork of Vim that aims to improve user experience, plugins, and GUIs (graphical user interfaces). As a result, the code execution vulnerability is also present in Neovim.
The link for this article located at TechWorm is no longer available.