netrw

The netrw tag on WindowsForum.com covers discussions about Vim's built-in file browser plugin, netrw. Recent content highlights a security vulnerability, CVE-2026-28417, which allows command injection when opening crafted remote URLs via protocols like scp://. The issue affects Vim versions prior to 9.2.0073 and has been patched in that release. Users and administrators can find details on the attack surface, the fix, and related advisory information. This tag is relevant for Vim users, system administrators, and security professionals concerned with file browsing and remote access within Vim.