A vulnerability has been published in the text editor vim that allows arbitrary code to be executed when the editor opens a text file.
Here is the text of the file executing the harmless uname -a
:!uname -a||" vi:fen:fdm=expr:fde=assert_fails("source! %"):fdl=0:fdt="
A fix in the form of an added check_secure() call is already available in the vim and neovim repositories.
Source: linux.org.ru