CVE-2026-50733: Markdown Preview Enhanced RCE via WaveDrom Eval Injection
Markdown Preview Enhanced, a popular markdown editor extension, contains a critical flaw in how it renders WaveDrom diagrams—a type of digital waveform visualization. Versions before 0.8.28 use JavaScript's eval() function to process diagram code, which means maliciously crafted markdown files can trick the software into executing arbitrary code on your machine. An attacker only needs to get you to open or export a booby-trapped markdown document; no interaction beyond that is required. The vulnerability works across all rendering modes: live preview, presentation slides, and HTML export. A patch is available that replaces the unsafe eval() with proper JSON parsing, eliminating the risk.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 8.8 HIGH · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Weaknesses (CWE)
- CWE-95
- Affected products
- 0 configuration(s)
- Published / Modified
- 2026-06-05 / 2026-06-17
NVD description (verbatim)
Markdown Preview Enhanced before 0.8.28 parses WaveDrom diagrams by evaluating untrusted markdown content with eval(), allowing arbitrary JavaScript execution. The flaw affects every render path - the live preview (window.eval) and presentation mode plus HTML export (the bundled WaveDrom.ProcessAll()/eva() helpers) - and can also be triggered through a <script type="WaveDrom"> element injected via raw HTML in markdown. When a victim previews or exports a crafted markdown document, an attacker can execute arbitrary code, leading to arbitrary file write. Fixed in 0.8.28 by parsing with JSON5.parse() and sanitizing WaveDrom data scripts to inert strict JSON.
4 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
CVE-2026-50733 exploits unsafe evaluation of WaveDrom diagram syntax in Markdown Preview Enhanced versions before 0.8.28. The extension uses eval() to process diagram definitions in markdown, a dangerous practice when the input is untrusted user content. The vulnerability chain affects three attack surfaces: (1) the live editor preview via window.eval(), (2) presentation and HTML export modes via bundled WaveDrom.ProcessAll() and eva() helpers, and (3) injection through raw HTML <script type="WaveDrom"> elements embedded in markdown source. Because eval() executes arbitrary JavaScript with the privileges of the renderer context, an attacker can read/write files, exfiltrate data, or perform other malicious actions. The root cause is parsing markdown-embedded WaveDrom definitions without sanitization. Version 0.8.28 mitigates this by switching to JSON5.parse() for safe parsing and sanitizing script content to valid JSON only, eliminating code execution paths.
Business impact
This vulnerability poses significant risk to technical teams that use Markdown Preview Enhanced for documentation, note-taking, or content creation workflows. The attack surface is broad because the threat does not require authentication or special privileges—a simple shared markdown file (via email, repository, collaboration platform, or documentation site) becomes a delivery vector. Organizations managing sensitive technical documentation, source code comments with embedded diagrams, or collaborative wikis using this extension face exposure to data exfiltration and unauthorized file modification. The remote, low-friction nature of the exploit (user opens a file) makes it likely to be weaponized. Supply-chain risk is material if markdown files are auto-generated, templated, or sourced from external systems. Incident response and forensics complexity is elevated because arbitrary code execution can occur silently during normal document review.
Affected systems
Markdown Preview Enhanced versions prior to 0.8.28 are affected. This includes all releases through 0.8.27. The extension runs in popular markdown editors and IDEs, particularly VSCode, where it is widely installed. Because the vulnerability is in the core parsing logic, all users of vulnerable versions are at risk—there are no safe sub-versions or configurations. Users who have updated to 0.8.28 or later are protected.
Exploitability
Exploitability is high. The attack requires only that an attacker craft a malicious markdown file and socially engineer or distribute it to a target—no complex interaction, network setup, or privilege escalation is needed. The payload is embedded in plain-text markdown using WaveDrom syntax, making it difficult to detect visually or with naive pattern matching. The user experience is normal: they open or export the document, and code runs silently in the background. No user warning, confirmation dialog, or unusual behavior alerts victims. The CVSS score of 8.8 (HIGH) reflects network-reachable attack vector, low complexity, no privileges required, user interaction (opening a file), and high impact across confidentiality, integrity, and availability.
Remediation
The definitive fix is to upgrade Markdown Preview Enhanced to version 0.8.28 or later. This version replaces eval() with JSON5.parse(), eliminating arbitrary code execution. Organizations should audit installed versions across all developer workstations, CI/CD environments, and shared systems. Until patching is complete, avoid opening markdown files from untrusted sources and disable WaveDrom diagram rendering in extension settings if available. Treat any markdown file shared via email or external channels with heightened scrutiny, especially if it contains diagram blocks. For teams using auto-generated or templated markdown, audit generation pipelines to ensure WaveDrom syntax is not injected from external data sources.
Patch guidance
Upgrade to Markdown Preview Enhanced version 0.8.28 or later immediately. The patch is available through VSCode extensions marketplace and other distribution channels. Version 0.8.28 addresses the vulnerability by eliminating eval() and using safe JSON5 parsing. Verify the update is applied by checking the extension version in VSCode settings or the Markdown Preview Enhanced repository release notes. No configuration changes are required post-patch; the fix is transparent to users. Organizations with managed extension deployments should update their approved versions lists and push updates to users via management tools. Test the upgrade in a development environment first to confirm compatibility with any custom markdown tooling or workflows.
Detection guidance
Detection is challenging because the malicious payload is embedded in markdown syntax and executes silently. However, defenders can employ several strategies: (1) Monitor for unexpected file write or read operations originating from the Markdown Preview Enhanced extension process; (2) Audit markdown files in repositories and documentation systems for suspicious WaveDrom syntax—look for eval-like patterns, function calls, or JavaScript keywords within diagram blocks; (3) Check browser/extension logs for console errors or unusual eval() calls during markdown preview sessions; (4) Scan incoming emails and file transfers for markdown attachments with WaveDrom blocks, especially from external senders; (5) Use endpoint detection and response (EDR) tools to correlate file access patterns with markdown editor activity. Content-based detection is possible but requires understanding of valid WaveDrom syntax to avoid false positives.
Why prioritize this
This vulnerability merits immediate attention due to high exploitability (network-accessible, low friction), high impact (arbitrary code execution), and broad user base. The attack vector is passive—users opening normal-looking documents—making it difficult for individuals to avoid without organizational guidance. The absence of CISA KEV status does not reduce urgency; the vulnerability is sufficiently critical that exploitation in the wild is likely or already occurring. Organizations should deprioritize only behind actively exploited critical infrastructure flaws, but this ranks among the highest-priority vulnerabilities for technical teams. The presence of multiple render paths (preview, export, HTML) increases the likelihood that users encounter the flaw in routine workflows.
Risk score, explained
The CVSS 3.1 score of 8.8 (HIGH) is justified by: Attack Vector Network (AV:N) — the vulnerability is reachable remotely via shared files; Attack Complexity Low (AC:L) — no special conditions or race conditions required; Privileges Required None (PR:N) — an attacker does not need any privileges; User Interaction Required (UI:R) — a victim must open or export the malicious markdown, a frequent and low-friction action; Scope Unchanged (S:U) — impact is limited to the affected component; Confidentiality High (C:H) — arbitrary code execution allows data theft; Integrity High (I:H) — files can be modified or created; Availability High (A:H) — system processes can be crashed or hijacked. The combination of ease of exploitation, low user friction, and severe impact justifies the HIGH severity rating and places this in the top tier of vulnerabilities requiring urgent remediation.
Frequently asked questions
Can this vulnerability be exploited if I just view a markdown file in a regular text editor without using Markdown Preview Enhanced?
No. The vulnerability is specific to Markdown Preview Enhanced's parsing and rendering of WaveDrom diagrams. Viewing markdown in a plain text editor or non-vulnerable markdown tool poses no risk. The danger occurs only when the vulnerable extension processes the file—specifically during live preview, export, or presentation mode.
Does upgrading to 0.8.28 require me to re-export or modify my existing markdown files?
No. The patch is backward-compatible. Your existing markdown files do not need to be changed. Once upgraded, Markdown Preview Enhanced will safely parse all WaveDrom diagrams using the new JSON5 parser. No user action beyond installation of the update is required.
If I disable WaveDrom diagram rendering in settings, am I still vulnerable?
Disabling rendering is a reasonable interim mitigation if your workflow does not require WaveDrom diagrams. However, you should still patch as soon as possible rather than rely on disabling features long-term. Settings can be accidentally re-enabled, and patching eliminates the root vulnerability entirely.
Could an attacker exploit this through markdown files stored in a git repository if a CI/CD pipeline processes them?
Yes, this is a material supply-chain risk. If a CI/CD pipeline or automated tool processes markdown using the vulnerable Markdown Preview Enhanced extension, an attacker who can commit malicious markdown to the repository could execute code in that pipeline. Organizations should ensure both developer workstations and CI/CD systems run version 0.8.28 or later.
This analysis is based on the CVE-2026-50733 public advisory and does not constitute security advice. Organizations must verify all technical details, patch availability, and version numbers against official vendor documentation and release notes. Exploitation status, proof-of-concept code, and real-world attack data are subject to change. This page does not provide exploit code or detailed attack instructions. Always test patches in non-production environments before broad deployment. SEC.co is not liable for any actions taken based on this analysis. Source: NVD (public-domain), retrieved 2026-07-14. Analysis generated by SEC.co (claude-haiku-4-5).
Weaknesses (CWE)
Related vulnerabilities
- CVE-2026-11422HIGHMarkdown Preview Enhanced Code Injection via WaveDrom Rendering
- CVE-2018-25382HIGHZechat 1.5 SQL Injection Vulnerability – Unauthenticated Database Access
- CVE-2018-25383HIGHFree MP3 CD Ripper 2.8 Stack Overflow – ROP and DEP Bypass Risk
- CVE-2018-25385HIGHUnauthenticated SQL Injection in E-Registrasi Pencak Silat 18.10
- CVE-2018-25386HIGHSQL Injection in HaPe PKH 1.1 Admin Interface
- CVE-2018-25388HIGHHaPe PKH 1.1 Arbitrary File Upload Vulnerability (CVSS 8.8)
- CVE-2018-25389HIGHSQL Injection in HaPe PKH 1.1 Database Extraction
- CVE-2018-25390HIGHUnauthenticated SQL Injection in HaPe PKH 1.1