Researchers at SafeBreach examined 6 popular extensible text editors for unix systems. They found that except for pico/nano all of them are affected by a critical privilege escalation flaw. An attacker can exploit the flaw to run malicious code on a victims machines running the vulnerable text editor. The vulnerability ties the way these text editors load plugins because they dont properly separate regular and elevated modes when loading plugins. The researchers suggest Unix users use an open-source host-based intrusion detection system called OSSEC.”]
Source: https://securityaffairs.co/wordpress/70333/hacking/text-editors-hacking.html

