CVE-2025-6493 | CodeMirror up to 5.17.0 Markdown Mode markdown.js redos (Issue 7128)

A vulnerability was found in CodeMirror up to 5.17.0 and classified as problematic. Affected by this issue is some unknown functionality of the file mode/markdown/markdown.js of the component Markdown Mode. The manipulation leads to inefficient regular expression complexity.

This vulnerability is handled as CVE-2025-6493. The attack may be launched remotely. Furthermore, there is an exploit available.

Not all code samples mentioned in the GitHub issue can be found. The repository mentions, that “CodeMirror 6 exists, and is […] much more actively maintained.”VulDB Recent EntriesRead More