Lucene search
K

12 matches found

NVD
NVD
added 2026/02/16 4:19 p.m.6 views

CVE-2025-65716

An issue in Visual Studio Code Extensions Markdown Preview Enhanced v0.8.18 allows attackers to execute arbitrary code via uploading a crafted .Md file...

8.8CVSS0.00639EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/02/16 12:0 a.m.8 views

PT-2026-8355

Name of the Vulnerable Software and Affected Versions Visual Studio Code Extensions Markdown Preview Enhanced version 0.8.18 Description A flaw exists in Visual Studio Code Extensions Markdown Preview Enhanced version 0.8.18 that could allow attackers to execute arbitrary code. This is achieved b...

8.8CVSS6.1AI score0.00639EPSS
Exploits1References13
Vulnrichment
Vulnrichment
added 2025/12/18 7:57 p.m.5 views

CVE-2023-53940 Codigo Markdown Editor 1.0.1 Electron Arbitrary Code Execution via Markdown File

Codigo Markdown Editor 1.0.1 contains a code execution vulnerability that allows attackers to run arbitrary system commands by crafting a malicious markdown file. Attackers can embed a video source with an onerror event that executes shell commands through Node.js childprocess module when the fil...

8.4CVSS7.5AI score0.00166EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/18 7:57 p.m.19 views

CVE-2023-53940 Codigo Markdown Editor 1.0.1 Electron Arbitrary Code Execution via Markdown File

Codigo Markdown Editor 1.0.1 contains a code execution vulnerability that allows attackers to run arbitrary system commands by crafting a malicious markdown file. Attackers can embed a video source with an onerror event that executes shell commands through Node.js childprocess module when the fil...

8.4CVSS0.00166EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-30944

Malicious code in bioql PyPI...

4.8CVSS5.3AI score0.00702EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/23 4:11 a.m.8 views

CVE-2023-39703

A cross site scripting XSS vulnerability in the Markdown Editor component of Typora v1.6.7 allows attackers to execute arbitrary code via uploading a crafted Markdown file...

6.1CVSS6.2AI score0.00455EPSS
Exploits1
OSV
OSV
added 2023/10/30 4:15 a.m.4 views

CVE-2023-44141

Inkdrop prior to v5.6.0 allows a local attacker to conduct a code injection attack by having a legitimate user open a specially crafted markdown file...

7.8CVSS5.8AI score0.00288EPSS
Exploits0References3
NVD
NVD
added 2023/10/30 4:15 a.m.14 views

CVE-2023-44141

Inkdrop prior to v5.6.0 allows a local attacker to conduct a code injection attack by having a legitimate user open a specially crafted markdown file...

7.8CVSS7.6AI score0.00288EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/09/01 12:0 a.m.16 views

CVE-2023-39703

A cross site scripting XSS vulnerability in the Markdown Editor component of Typora v1.6.7 allows attackers to execute arbitrary code via uploading a crafted Markdown file...

6.2AI score0.00455EPSS
Exploits1References1
OSV
OSV
added 2023/01/11 1:15 p.m.3 views

CVE-2022-42967

Caret is vulnerable to an XSS attack when the user opens a crafted Markdown file when preview mode is enabled. This directly leads to client-side code execution...

9.6CVSS5.8AI score
Exploits0References1
CNNVD
CNNVD
added 2023/01/11 12:0 a.m.8 views

Caret 跨站脚本漏洞

Caret is a software package for drawing classification and regression models. A security vulnerability exists in Caret, which stems from the fact that when it is enabled in preview mode, an attacker can implement cross-site scripting using a carefully crafted Markdown file to enable code executio...

9.6CVSS8.5AI score0.00821EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/01/09 12:0 a.m.29 views

CVE-2022-46603

An issue in Inkdrop v5.4.1 allows attackers to execute arbitrary commands via uploading a crafted markdown file...

6.8AI score0.00549EPSS
Exploits1References1
Rows per page
Query Builder