CVE-2026-50733 | shd101wyy Markdown Preview Enhanced up to 0.8.27 window.eval eval injection

A vulnerability was found in shd101wyy Markdown Preview Enhanced up to 0.8.27. It has been declared as critical. Affected by this vulnerability is the function window.eval. Executing a manipulation can lead to improper neutralization of directives in dynamically evaluated code.

This vulnerability is tracked as CVE-2026-50733. The attack can be launched remotely. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More