CVE-2025-6493 Information

Jun 23, 2025 cve

Description

A vulnerability was found in CodeMirror up to 5.17.0 and classified as problematic. Affected by this issue is some unknown functionality of the file mode/markdown/markdown.js of the component Markdown Mode. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Not all code samples mentioned in the GitHub issue can be found. The repository mentions that \CodeMirror 6 exists and is […] much more actively maintained.\

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Reference

https://github.com/codemirror/codemirror5/issues/7128 https://vuldb.com/?ctiid.313610 https://vuldb.com/?id.313610 https://vuldb.com/?submit.598875

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

LOW

Base Severity

5.3

CNNVD-202506-2924 (Published: 2025-06-22)

Share on: