CVE-2026-50733— Markdown Preview Enhanced 安全漏洞

Markdown Preview Enhanced Arbitrary Code Execution via WaveDrom eval()

Markdown Preview Enhanced before 0.8.28 parses WaveDrom diagrams by evaluating untrusted markdown content with eval(), allowing arbitrary JavaScript execution. The flaw affects every render path - the live preview (window.eval) and presentation mode plus HTML export (the bundled WaveDrom.ProcessAll()/eva() helpers) - and can also be triggered through a <script type="WaveDrom"> element injected via raw HTML in markdown. When a victim previews or exports a crafted markdown document, an attacker can execute arbitrary code, leading to arbitrary file write. Fixed in 0.8.28 by parsing with JSON5.parse() and sanitizing WaveDrom data scripts to inert strict JSON.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

动态执行代码中指令转义处理不恰当(Eval注入)

Markdown Preview Enhanced 安全漏洞

Markdown Preview Enhanced是Yiyi Wang个人开发者的一个超级强大标记扩展。 Markdown Preview Enhanced 0.8.28之前版本存在安全漏洞，该漏洞源于通过eval()解析不受信任的markdown内容中的WaveDrom图，可能导致任意JavaScript执行，进而导致任意文件写入。

N/A

N/A