HIGH | CVE-2026-11422 | CNA: VulnCheck

CVE-2026-11422: Markdown Preview Enhanced 0.8.x Code Injection via WaveDrom Rendering

Markdown Preview Enhanced 0.8.x with crossnote engine 0.9.28 contains a code injection vulnerability in the WaveDrom rendering pipeline that allows attackers to execute arbitrary JavaScript by embedding malicious content in a wavedrom fenced code block within a crafted Markdown document. Attackers can exploit the unsanitized passing of wavedrom block content to window.eval() in the VS Code webview context to abuse the extension's message passing and invoke arbitrary file writes on the local filesystem.

Metrics

  • CVSS v4.0: 8.4
  • Severity: HIGH
  • Fixed in: 0.8.27
  • Affected Products: 2


HarborGuard Analysis

Synopsis

Code injection in Markdown Preview Enhanced 0.8.x (with crossnote engine below 0.9.28) allows an attacker to execute arbitrary JavaScript by embedding malicious content inside a WaveDrom fenced code block in a crafted Markdown document. The vulnerability is local and requires no authentication, but does require a victim to open the malicious file in VS Code with the extension active. Successful exploitation enables arbitrary file writes on the local filesystem by abusing the extension's message-passing channel from the VS Code webview context. Patched-image rebuilds at versions 0.8.27 and crossnote 0.9.28 are available on HarborGuard for environments running affected versions.
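The root cause named above, block text reaching eval, contrasted with data-only parsing, as an added example (not the extension's or crossnote's code; the page does not show the actual fix). The function names and both sample blocks are constructed, and the hostile sample only sets a flag.

```javascript
// Constructed wavedrom block bodies (sample data, not taken from the advisory).
const BENIGN = '{ "signal": [ { "name": "clk", "wave": "p...." } ] }';
// Harmless stand-in for attacker-controlled text: an expression with a side effect.
const HOSTILE = '(globalThis.__sideEffect = "ran", { "signal": [] })';

// Vulnerable pattern: the block text is evaluated as JavaScript.
function parseWithEval(blockText) {
  return (0, eval)('(' + blockText + ')'); // indirect eval runs in global scope
}

// Hardened pattern (an assumption, not the upstream patch): the block is data only.
function parseAsData(blockText) {
  let doc;
  try {
    doc = JSON.parse(blockText);
  } catch {
    throw new Error('wavedrom block is not valid JSON');
  }
  if (doc === null || typeof doc !== 'object' || Array.isArray(doc)) {
    throw new Error('wavedrom block must be a JSON object');
  }
  if (doc.signal !== undefined && !Array.isArray(doc.signal)) {
    throw new Error('"signal" must be an array');
  }
  return doc;
}

// Runs both parsers over the samples and reports what happened.
function compare() {
  delete globalThis.__sideEffect;
  parseWithEval(HOSTILE);
  const ranUnderEval = globalThis.__sideEffect === 'ran';

  delete globalThis.__sideEffect;
  let rejected = false;
  try { parseAsData(HOSTILE); } catch { rejected = true; }
  const ranUnderParse = globalThis.__sideEffect === 'ran';

  const benignName = parseAsData(BENIGN).signal[0].name;
  return { ranUnderEval, rejected, ranUnderParse, benignName };
}
```

Strict JSON also rejects the unquoted-key object-literal style common in WaveDrom examples; a data-only parser such as JSON5 keeps that syntax without evaluating code.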

HarborGuard Coverage

Detection

Detection of CVE-2026-11422 is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against all customer images, including custom-built images that bundle the Markdown Preview Enhanced extension or crossnote library. Any image layer containing an affected version of shd101wyy/markdown-preview-enhanced below 0.8.27 or shd101wyy/crossnote below 0.9.28 is flagged automatically.

Status: Available

Triage

HarborGuard is capable of scoring this finding at CVSS v4.0 8.4 (High) and weighting it against each customer environment's compliance policy to determine urgency and routing. Triage alerts are available for delivery to the appropriate team inbox within each customer org based on image ownership and policy configuration.

Status: Available

Patch

A patched-image rebuild pinned to Markdown Preview Enhanced 0.8.27 and crossnote 0.9.28 becomes available on HarborGuard as soon as the fix versions are confirmed in the upstream registry. For customers who opt into auto-remediation, HarborGuard is capable of triggering a rebuild, running a regression test suite against the updated image, and opening a pull request against affected workloads automatically.

Status: Available

Exploit Conditions

  • Network reachability: Not required

    The attacker needs an existing shell or process on the host; no network-facing service is involved in the attack path.

  • Authentication: Not required

    No account or credentials are required to craft or deliver the malicious Markdown file.

  • Victim interaction: Required

    The victim must open the attacker-supplied Markdown document in VS Code with the Markdown Preview Enhanced extension active, making social engineering a prerequisite.

  • Attack complexity

    The exploit is reliable and condition-free once the victim opens the file; no race conditions or special memory layout are needed to trigger the eval call.

Blast Radius

  • Executes arbitrary JavaScript inside the VS Code webview context, giving the attacker full control over the extension's rendering sandbox.
  • Writes arbitrary files to the local filesystem by abusing the extension's message-passing channel between the webview and the VS Code host process.
  • Confidential files readable by the VS Code process, such as local credentials, SSH keys, or source code, can be read and exfiltrated through the injected script.

How HarborGuard Handles This

Available on HarborGuard: detection against both affected packages (markdown-preview-enhanced below 0.8.27 and crossnote below 0.9.28) is active and matched against every image in connected registries and CI pipelines. Where compliance policy permits auto-remediation, HarborGuard is capable of rebuilding affected images at the patched versions, running regression tests, and opening a pull request against affected workloads; for High-severity issues, the median time from CVE publication to merged patch PR is around 90 minutes in environments with auto-remediation enabled. For teams that cannot immediately patch, compensating controls include restricting container images to exclude developer tooling extensions in production builds, applying filesystem write restrictions via seccomp or read-only volume mounts, and enforcing image admission policies that block images containing versions below the fix threshold until the rebuild is available.
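For hosts and images outside a scanner's reach, the version thresholds above can be checked directly. This is an added example, not HarborGuard's or the extension's code; it assumes extensions are unpacked as `<publisher>.<name>-<version>/` with a `package.json` and that an unbundled crossnote sits under `node_modules/crossnote`, and the sample tree and its version numbers are constructed.

```javascript
const fs = require('node:fs');
const path = require('node:path');
// Fix thresholds stated on this page.
const FIXED = { 'markdown-preview-enhanced': '0.8.27', crossnote: '0.9.28' };

// True when dotted version a is lower than b (pre-release suffixes ignored).
function isBelow(a, b) {
  const pa = a.split('-')[0].split('.').map(Number);
  const pb = b.split('.').map(Number);
  for (let i = 0; i < 3; i++) {
    if ((pa[i] || 0) !== (pb[i] || 0)) return (pa[i] || 0) < (pb[i] || 0);
  }
  return false;
}

function readPkg(file) {
  try { return JSON.parse(fs.readFileSync(file, 'utf8')); } catch { return null; }
}

// Assumed layout: <publisher>.<name>-<version>/package.json; crossnote under node_modules/.
function auditExtensions(extDir) {
  const findings = [];
  for (const name of fs.readdirSync(extDir)) {
    const root = path.join(extDir, name);
    const ext = readPkg(path.join(root, 'package.json'));
    if (!ext || ext.publisher !== 'shd101wyy' || ext.name !== 'markdown-preview-enhanced') continue;
    const dep = readPkg(path.join(root, 'node_modules', 'crossnote', 'package.json'));
    for (const p of [ext, dep]) {
      if (p && FIXED[p.name] && isBelow(String(p.version), FIXED[p.name])) {
        findings.push({ dir: name, package: p.name, version: p.version });
      }
    }
  }
  return findings;
}

// Constructed sample tree (not real installs) so the audit runs offline.
function demo() {
  const dir = fs.mkdtempSync(path.join(require('node:os').tmpdir(), 'mpe-audit-'));
  const put = (rel, obj) => {
    fs.mkdirSync(path.dirname(path.join(dir, rel)), { recursive: true });
    fs.writeFileSync(path.join(dir, rel), JSON.stringify(obj));
  };
  const mpe = (v) => ({ publisher: 'shd101wyy', name: 'markdown-preview-enhanced', version: v });
  put('shd101wyy.markdown-preview-enhanced-0.8.20/package.json', mpe('0.8.20'));
  put('shd101wyy.markdown-preview-enhanced-0.8.20/node_modules/crossnote/package.json', { name: 'crossnote', version: '0.9.15' });
  put('shd101wyy.markdown-preview-enhanced-0.8.27/package.json', mpe('0.8.27'));
  return auditExtensions(dir);
}
```

A build that bundles crossnote into the extension's compiled output leaves no `node_modules/crossnote/package.json`, so in that case only the extension version is checked.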


Fix available

0.8.27 (Markdown Preview Enhanced), 0.9.28 (crossnote)

Affected packages
  • shd101wyy / Markdown Preview Enhanced
    < 0.8.27 (from 0)
  • shd101wyy / crossnote
    < 0.9.28 (from 0)
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N