Markdown Preview Enhanced for Visual Studio Code processes links and external file references embedded in markdown documents by invoking a shell to load them. The extension does not sanitize values supplied by the document, such as diagram file names, imported paths, or LaTeX engine options. On Windows a crafted markdown file can embed shell commands that are executed when the document is previewed, allowing an attacker to run arbitrary code with the privileges of the editor’s user. The flaw is classified as a CWE‑78 Operating System Command Injection.

All installations of the Markdown Preview Enhanced extension older than version 0.8.28 are vulnerable. The affected product is the Visual Studio Code extension by shd101wyy, identified in the CPE as markdown_preview_enhanced_project:markdown_preview_enhanced. Users who enable the preview and open local or network‑trusted markdown files that reference external resources are at risk.

CVSS base score is 8.6, indicating high severity. The EPSS score is not available, so the current exploitation likelihood cannot be quantified, but the absence of mitigation in the vulnerable builds and the high severity suggest a significant risk. The vulnerability is not listed in the CISA KEV catalog. Attackers would likely deliver a malicious file through shared drives or email attachments and entice a user to preview it, after which the injected commands would run. Because the vulnerability is triggered by local file access, any user with ability to open such a file on a machine with the extension installed is a potential attack vector.