网安资讯详情 - SecLens 情报雷达

网安资讯,一网打尽。汇集权威漏洞通告与行业要闻,结合分组浏览、智能过滤、RSS订阅 和 Webhook 推送,多通道拓展您的安全情报视野。

CVE-2026-50733 | shd101wyy Markdown Preview Enhanced up to 0.8.27 window.eval eval injection

来源: vuldb · 发布时间 2026-06-06 02:23 (UTC+08:00) · 抓取时间 2026-06-06 03:01 (UTC+08:00)

原文链接

摘要

A vulnerability was found in <a href="https://vuldb.com/product/shd101wyy:markdown_preview_enhanced">shd101wyy Markdown Preview Enhanced up to 0.8.27</a>. It has been declared as <a href="https://vuldb.com/kb/risk">critical</a>. Affected by this vulnerability is the function <code>window.eval</code>. Executing a manipulation can lead to improper neutralization of directives in dynamically evaluated code. This vulnerability is tracked as <a href="https://vuldb.com/cve/CVE-2026-50733">CVE-2026-50733</a>. The attack can be launched remotely. No exploit exists. It is recommended to upgrade the affected component.

标签

扩展字段

{
  "raw_pub_date": "Fri, 05 Jun 2026 20:23:16 +0200"
}