{"id":7671,"date":"2026-04-01T17:51:24","date_gmt":"2026-04-01T17:51:24","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=7671"},"modified":"2026-04-01T17:51:24","modified_gmt":"2026-04-01T17:51:24","slug":"vim-and-gnu-emacs-claude-code-helpfully-found-zero-day-exploits-for-both","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=7671","title":{"rendered":"Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>Developers can spend days using fuzzing tools to find security weaknesses in code. Alternatively, they can simply ask an LLM to do the job for them in seconds.<\/p>\n<p>The catch: LLMs are evolving so rapidly that this convenience might come with hidden dangers.<\/p>\n<p>The latest example is from researcher <a href=\"https:\/\/www.linkedin.com\/in\/hung-nguyen-m\/?originalSubdomain=vn\" target=\"_blank\" rel=\"noopener\">Hung Nguyen<\/a> from AI red teaming company Calif, who, with simple prompts to Anthropic\u2019s Claude Code, was able to uncover zero-day remote code exploits (RCEs) in the source code of two of the most popular developer text editors, Vim and GNU Emacs.<\/p>\n<p>Nguyen started with Vim. \u201cSomebody told me there is an RCE 0-day when you open a file. Find it,\u201d <a href=\"https:\/\/github.com\/califio\/publications\/blob\/main\/MADBugs\/vim-vs-emacs-vs-claude\/vim-claude-prompts.txt\" target=\"_blank\" rel=\"noopener\">he instructed Claude Code.<\/a>\u00a0<\/p>\n<p>Within two minutes, Claude Code had discovered the flaw: missing critical security checks (<em>P_MLE<\/em> and <em>P_SECURE<\/em>) in the tabpanel sidebar introduced in 2025, and a missing security check in the <em>autocmd_add()<\/em> function.<\/p>\n<p>Claude Code then helpfully tried to find ways to exploit the vulnerability, eventually suggesting a tactic that bypassed the Vim sandbox by persuading a target to open a malicious file. It had gone from prompt to proof-of-concept (PoC) exploit in minutes.<\/p>\n<p> \u201cAn attacker who can deliver a crafted file to a victim achieves arbitrary command execution with the privileges of the user running Vim,\u201d Vim maintainers noted <a href=\"https:\/\/github.com\/vim\/vim\/security\/advisories\/GHSA-2gmj-rpqf-pxvh\" target=\"_blank\" rel=\"noopener\">in their security advisory<\/a>. \u201cThe attack requires only that the victim opens the file; no further interaction is needed.\u201d <\/p>\n<h2 class=\"wp-block-heading\">GNU Emacs \u2018forever-day\u2019<\/h2>\n<p>Surprised, Nguyen then jokingly suggested Claude Code find the same type of flaw in a second text editor, GNU Emacs.<\/p>\n<p>Claude Code obliged, finding a zero-day vulnerability, dating back to 2018, in the way the program interacts with the Git version control system that would make it possible to execute malicious code simply by opening a file.<\/p>\n<p>\u201cOpening a file in GNU Emacs can trigger arbitrary code execution through version control (git), most requiring zero user interaction beyond the file open itself. The most severe finding requires no file-local variables at all \u2014 simply opening any file inside a directory containing a crafted <em>.git\/ folder<\/em> executes attacker-controlled commands,\u201d <a href=\"https:\/\/github.com\/califio\/publications\/blob\/main\/MADBugs\/vim-vs-emacs-vs-claude\/Emacs.md\" target=\"_blank\" rel=\"noopener\">he wrote<\/a>.<\/p>\n<h2 class=\"wp-block-heading\">One fixed, one not<\/h2>\n<p>When notified, Vim\u2019s maintainers quickly fixed their issue, identified as <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2026-34714\" target=\"_blank\" rel=\"noopener\">CVE-2026-34714<\/a> with a CVSS score of 9.2, in version 9.2.0272.<\/p>\n<p>Unfortunately, addressing the GNU Emacs vulnerability, which is currently without a CVE identifier, isn\u2019t as straightforward. Its maintainers believe it to be a problem with Git, and declined to address the issue; in his post, Nguyen suggests <a href=\"https:\/\/github.com\/califio\/publications\/blob\/main\/MADBugs\/vim-vs-emacs-vs-claude\/Emacs.md\" target=\"_blank\" rel=\"noopener\">manual mitigations<\/a>. The vulnerable versions are 30.2 (stable release) and 31.0.50 (development).<\/p>\n<h2 class=\"wp-block-heading\">Vulnerable code<\/h2>\n<p>What does the discovery of these flaws tell us? Clearly, that large numbers of old codebases are potentially vulnerable to the power of AI tools such as Claude Code. Just because a weakness hasn\u2019t been noticed for years doesn\u2019t mean it will hide for long in the AI era.<\/p>\n<p>That is, potentially, a big change, although hardly one that hasn\u2019t already been flagged by Anthropic itself. In February, <a href=\"https:\/\/www.csoonline.com\/article\/4128889\/claude-ai-finds-500-high-severity-software-vulnerabilities.html\" target=\"_blank\" rel=\"noopener\">the company revealed<\/a> that its Opus 4.6 model had been used to identify 500 high-severity security vulnerabilities.<\/p>\n<p>\u201cAI language models are already capable of identifying novel vulnerabilities, and may soon exceed the speed and scale of even expert human researchers,\u201d it said at the time.<\/p>\n<p>The platform is powerful enough that an enterprise version with the same capabilities, <a href=\"https:\/\/www.csoonline.com\/article\/4136294\/anthropics-claude-code-security-rollout-is-an-industry-wakeup-call.html?utm=hybrid_search\" target=\"_blank\" rel=\"noopener\">Claude Code Security<\/a>, even negatively affected stock market sentiment towards several traditional cybersecurity companies when it was launched.<\/p>\n<p>A second issue is that LLMs are now capable of spotting, iterating, and creating PoCs for vulnerabilities in ways developers still need to come to terms with. Meanwhile, the potential for malicious use is hard to ignore.<\/p>\n<p>\u201cHow do we professional bug hunters make sense of this?\u201d Nguyen asked. \u201cThis feels like the early 2000s. Back then a kid could hack anything, with SQL Injection. Now [they can] with Claude.\u201d<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Developers can spend days using fuzzing tools to find security weaknesses in code. Alternatively, they can simply ask an LLM to do the job for them in seconds. The catch: LLMs are evolving so rapidly that this convenience might come with hidden dangers. The latest example is from researcher Hung Nguyen from AI red teaming [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":7672,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-7671","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/7671"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7671"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/7671\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/7672"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7671"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7671"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7671"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}