9.9 High
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
75.7%
Elixir’s vim plugin, alchemist.vim is vulnerable to remote code execution in the bundled alchemist-server. A malicious website can execute requests against an ephemeral port on localhost that are then evaluated as elixir code.
github.com/tonini/alchemist-server/issues/14