{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "0.6.5" }, { "introduced": "0" }, { "last_affected": "0.6.5" }, { "introduced": "0" }, { "last_affected": "0.19.6" }, { "introduced": "0" }, { "last_affected": "0.19.6" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "4bb0fb02a805fe6ccd78ab9eefc3ae9691a52d52" }, { "introduced": "0" }, { "last_affected": "4bb0fb02a805fe6ccd78ab9eefc3ae9691a52d52" }, { "introduced": "0" }, { "last_affected": "a7c59a1c4fb22f44d543945bd8401fa0c5a7b42b" }, { "introduced": "0" }, { "last_affected": "a7c59a1c4fb22f44d543945bd8401fa0c5a7b42b" } ], "repo": "https://github.com/shd101wyy/markdown-preview-enhanced", "type": "GIT" } ] } ], "details": "An issue in Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and Atom allows attackers to execute arbitrary commands during the GFM export process.", "id": "CVE-2022-45026", "modified": "2026-03-13T21:55:23.135043121Z", "published": "2022-12-07T02:15:10.410Z", "references": [ { "type": "REPORT", "url": "https://github.com/shd101wyy/vscode-markdown-preview-enhanced/issues/640" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }