A vulnerability classified as problematic was found in Vim up to 9.2.734. This issue affects some unknown processing of the file runtime/autoload/ccomplete.vim of the component Omni Completion. The manipulation results in os command injection.

This vulnerability is known as CVE-2026-59858. Attacking locally is a requirement. No exploit is available.