CNNVD-202512-3379 Information

CNNVD ID

CNNVD-202512-3379

Related CVE

CVE-2023-53940

• CNNVD Published: 2025-12-18

Description (Chinese)

Codigo是Alfonz Montelibano个人开发者的一个Markdown编辑器。 Codigo 1.0.1版本存在代码注入漏洞，该漏洞源于可执行任意系统命令，可能导致远程代码执行。

Description (English)

Codigo is a Markdown editor of Alfonz Montelibano’s personal developer. There is a code-injection loophole in version Codigo 1.0, which stems from the ability to execute arbitrary system orders, which may result in remote code enforcement.

Hazard Level

Medium

Vulnerability Type

代码注入

Affected Vendor

个人开发者

Published

2025-12-18

Last Modified

2026-02-24

References

https://github.com/alfonzm/codigo-app https://www.exploit-db.com/exploits/51432 https://www.vulncheck.com/advisories/codigo-markdown-editor-electron-arbitrary-code-execution-via-markdown-file