by lloeki 76 days ago
> We asked Claude to find a bug in Vim. It found an RCE. Just open a file, and you’re owned.

Yeah, reading the above opening paragraph I was immediately going "oh Claude found out about modelines".

Modelines are largely considered a (roundabout) equivalent to flat out eval. There's a reason plugins such as securemodelines exist:

https://www.vim.org/scripts/script.php?script_id=1876

1 comments

Right. I am surprised to see this considered to be an RCE. Or a "mad bug" worthy of being here on HN. sighs.

Pretty sure a lot of people have spent lots of tokens on finding RCEs in vim and emacs; he is not the first person to do this.