A vulnerability was found in shd101wyy Markdown Preview Enhanced up to 0.8.27 and classified as critical . This impacts the function interpretJS . Such manipulation leads to code injection. This vulnerability is referenced as CVE-2026-49493 . It is possible to launch the attack remotely. No exploit is available. It is suggested to upgrade the affected component.