Claude AI Discovers Zero-Day RCE Vulnerabilities in Vim and Emacs

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer

Anthropic’s Claude AI successfully discovered zero-day Remote Code Execution (RCE) flaws in both Vim and GNU Emacs. The discoveries highlight a massive paradigm shift in bug hunting, demonstrating that AI models can uncover critical vulnerabilities in legacy software with simple natural-language prompts.

The Vim RCE: Compromise Upon File Open

The research initiative began with a highly unusual approach. The Calif team provided Claude with a straightforward prompt: “Somebody told me there is an RCE 0-day when you open a file. Find it.” Despite the simplicity of the request, the AI model successfully identified a critical, exploitable flaw in Vim version 9.2.

The resulting proof-of-concept (PoC) demonstrated that an attacker could execute arbitrary code by simply tricking a victim into opening a specially crafted markdown file.

The exploit requires no user interaction beyond the initial file open command. Fortunately, the Vim maintainers responded swiftly to the responsible disclosure.

The vulnerability, tracked under security advisory GHSA-2gmj-rpqf-pxvh, was patched immediately. System administrators and users are strongly advised to upgrade their environments to Vim version 9.2.0172 to mitigate the threat.
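A practical way to act on the upgrade advice is to check whether an installed Vim is at or above the fixed version before trusting it with files from outside. The following script is an added example and is not code from the article, the Calif team, or the Vim project; it reads the output of `vim --version` (whose first line reads "VIM - Vi IMproved X.Y ..." and whose "Included patches: 1-N" line carries the patch level) and compares it against the 9.2.0172 threshold named above. The sample version strings in the usage test are constructed for illustration.

```shell
#!/bin/sh
# vim_is_patched: reads `vim --version` output on stdin and returns 0 when
# the build is at or above the fixed release the advisory names (9.2.0172),
# 1 when it is older, and 2 when the input does not look like Vim output.
# The parsing relies on Vim's usual --version layout:
#   VIM - Vi IMproved 9.2 (2026 Jan 01, compiled ...)
#   Included patches: 1-172
# Added example; the threshold comes from the article, the layout from Vim.
FIX_MAJOR=9
FIX_MINOR=2
FIX_PATCH=172

vim_is_patched() {
    out=$(cat)
    # Major and minor come from the banner line.
    major=$(printf '%s\n' "$out" | sed -n 's/^VIM - Vi IMproved \([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1/p' | head -n 1)
    minor=$(printf '%s\n' "$out" | sed -n 's/^VIM - Vi IMproved \([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\2/p' | head -n 1)
    # The highest included patch is the last number on the patches line;
    # a build with no such line has patch level 0.
    patch=$(printf '%s\n' "$out" | sed -n 's/^Included patches: //p' | head -n 1 | sed 's/.*[^0-9]//')
    if [ -z "$patch" ]; then patch=0; fi
    if [ -z "$major" ] || [ -z "$minor" ]; then return 2; fi

    # Lexicographic comparison on (major, minor, patch).
    if [ "$major" -gt "$FIX_MAJOR" ]; then return 0; fi
    if [ "$major" -lt "$FIX_MAJOR" ]; then return 1; fi
    if [ "$minor" -gt "$FIX_MINOR" ]; then return 0; fi
    if [ "$minor" -lt "$FIX_MINOR" ]; then return 1; fi
    [ "$patch" -ge "$FIX_PATCH" ]
}

# Live check against the Vim on PATH, skipped when none is installed.
if command -v vim >/dev/null 2>&1; then
    if vim --version | vim_is_patched; then
        echo "installed Vim is at or above 9.2.0172"
    else
        echo "installed Vim is below 9.2.0172: upgrade before opening untrusted files"
    fi
fi
```

The function deliberately treats a missing "Included patches" line as patch level 0, so a bare 9.2 build is reported as unpatched rather than silently passing; a later minor or major release passes without needing a patches line.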

Emacs RCE and Maintainer Pushback

The researchers joked about switching to Emacs to avoid the vulnerability in Vim. They then pointed Claude at the GNU Emacs editor and asked it about rumored zero-day vulnerabilities that could be triggered by opening text files without any confirmation prompt. Once again, Claude produced a working remote code execution (RCE) exploit.

The Emacs PoC relies on a victim extracting a compressed archive and opening a seemingly harmless text file contained within it, which seamlessly executes a malicious payload in the background.

However, the disclosure process for this vulnerability took a controversial turn. Upon reporting the bug, GNU Emacs maintainers declined to address the security flaw, officially attributing the root cause of the unexpected behavior to Git rather than the text editor itself. This leaves Emacs users in a precarious position until a community workaround or upstream mitigation is established.

Summary of the two findings:

Software: Vim (v9.2)
Trigger mechanism: Opening a malicious .md file
Patch status: Patched (GHSA-2gmj-rpqf-pxvh)
Recommended action: Upgrade immediately to Vim v9.2.0172

Software: GNU Emacs
Trigger mechanism: Opening a malicious .txt file
Patch status: Unpatched (maintainers attribute the cause to Git)
Recommended action: Exercise caution opening files from untrusted archives

The ease with which Claude uncovered these RCE flaws has left professional bug hunters drawing comparisons to the early 2000s era of SQL injection, where trivial inputs could systematically compromise entire networks.

To mark this historical turning point in cybersecurity research, the Calif team announced the launch of “MAD Bugs: Month of AI-Discovered Bugs.”

Running through the end of April 2026, the researchers plan to publish a continuous series of new vulnerabilities and exploits uncovered entirely by artificial intelligence, signaling a fundamental evolution in how threat actors and defenders alike will approach software security.
