Linux users, beware!
If you haven’t recently updated your Linux operating system, especially the command-line text editor utility, do not even try to view the content of a file using Vim or Neovim.
Security researcher Armin Razmjou recently discovered a high-severity arbitrary OS command execution vulnerability (CVE-2019-12735) in Vim and Neovim—two most popular and powerful command-line text editing applications that come pre-installed with most Linux-based operating systems.
On Linux systems, Vim editor allows users to create, view or edit any file, including text, programming scripts, and documents.
Read more…
Source: The Hacker News