A vulnerability was found in shd101wyy Markdown Preview Enhanced up to 0.8.27 . It has been declared as critical . Affected by this vulnerability is the function window.eval . Executing a manipulation can lead to improper neutralization of directives in dynamically evaluated code. This vulnerability is tracked as CVE-2026-50733 . The attack can be launched remotely. No exploit exists. It is recommended to upgrade the affected component.