this post was submitted on 18 Mar 2026
608 points (96.8% liked)

Programmer Humor

30465 readers
3062 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 2 years ago
MODERATORS
Feyter@programming.dev
anzo@programming.dev
BurningTurtle@programming.dev
pylapp@programming.dev
608
Seriously, just stop (or use Linux) (media.piefed.zip)
submitted 2 days ago by RmDebArc_5@piefed.zip to c/programmer_humor@programming.dev
165 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] First_Thunder@lemmy.zip 58 points 2 days ago (3 children)

Yep it’s markdown, and yep they had a CVE with second highest grade cause of it

[–] Malix@sopuli.xyz 14 points 2 days ago (1 children)

heh, ofc. Apparently something to do with file:// and such uri handling, apparently executing local files? Yikes.

[–] thethunderwolf@lemmy.dbzer0.com 6 points 1 day ago (1 children)

not just local files

if you click a link to file:///123.45.67.89:69420/files-download/virus.exe it will download and run virus.exe

it still works, but now there is a "Dangerous Link Location: This is not a web link and may lead to the execution of malicious code" warning, but previously it would silently run the file.

[–] Malix@sopuli.xyz 3 points 1 day ago

kinda wild a file-link ever went straight to executing it after download - which on it's own could be dangerous as well.

I guess the "the s in IOT stands for security" also applies to notepad: "the s in vibecoding stands for security"

[–] Martineski@lemmy.dbzer0.com 5 points 2 days ago (1 children)

Aren't CVE grades meaningless anyway with how they are declared in real world?

[–] marine_mustang@sh.itjust.works 2 points 1 day ago

We run CVEs through our software inventory and configuration and come up with a new score that measures how bad it is for us.