CVE-2025-66400 | syntax-tree mdast-util-to-hast up to 13.2.0 Markdown Code injection

Inserito da Angelo Barbosa | Dic 1, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in syntax-tree mdast-util-to-hast up to 13.2.0. Impacted is an unknown function of the component Markdown Code Handler. This manipulation causes injection.

This vulnerability appears as CVE-2025-66400. The attack may be initiated remotely. There is no available exploit.

It is advisable to upgrade the affected component.

CVE-2025-66400 | syntax-tree mdast-util-to-hast up to 13.2.0 Markdown Code injection

Post correlati

CVE-2025-27425 | Mozilla Firefox up to 135 on iOS QR Code

CVE-2024-13605 | 10Web Form Maker Plugin up to 1.15.32 on WordPress Setting cross site scripting

CVE-2024-28859 | FriendsOfSymfony1 symfony1 up to 1.5.17 __destruct deserialization (GHSA-wjv8-pxr6-5f4r)

CVE-2024-25418 | flusity CMS 2.33 delete_menu.php cross-site request forgery