CNNVD-202506-2923 Information

CNNVD ID

CNNVD-202506-2923

Related CVE

CVE-2025-6492

• CNNVD Published: 2025-06-22

Description (Chinese)

MarkText是MarkText开源的一个markdown文件编辑器。 MarkText 0.17.1及之前版本存在安全漏洞，该漏洞源于文件marktext/src/main/utils/index.js中函数getRecommendTitleFromMarkdownString存在低效正则表达式复杂性。

Description (English)

MarkText is a MarkText open source markdown file editor. MarkText 0.17.1 and previous versions contain a security loophole, which stems from the inefficient regular expression complexity of the function GetRecommendTimeMarkdownString in document marktext/src/main/utils/index.js.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

MarkText

Published

2025-06-22

Last Modified

2026-02-24

References

https://github.com/marktext/marktext/pull/3952 https://vuldb.com/?id.313609 https://github.com/mmmsssttt404/marktext/blob/c59b3ad423dfa082869933baf9f5d5c69bdcc560/test/unit/specs/match-electron-accelerator.spec.js#L155-L164 https://vuldb.com/?submit.598208 https://vuldb.com/?ctiid.313609 https://access.redhat.com/security/cve/cve-2025-6492