Skip to main content
CVE-2026-43666 MEDIUM PATCH This Month

Out-of-bounds write in Apple operating systems allows local network attackers to cause denial-of-service via improved bounds checking bypass. Affects iOS/iPadOS (18.7.9+, 26.5+), macOS Sequoia (15.7.7+), Sonoma (14.8.7+), Tahoe (26.5+), tvOS (26.5+), visionOS (26.5+), and watchOS (26.5+). EPSS score of 0.02% indicates very low real-world exploitation probability despite local attack vector.

Apple Memory Corruption Buffer Overflow
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-43653 MEDIUM PATCH This Month

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5. An attacker on the local network may be able to cause a denial-of-service.

Denial Of Service Apple
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-28985 MEDIUM PATCH This Month

Null pointer dereference in Apple operating systems (iOS, iPadOS, macOS Tahoe, tvOS) allows local network attackers to cause denial of service by sending crafted input that bypasses validation. The vulnerability affects all versions prior to iOS 26.5, iPadOS 26.5, macOS Tahoe 26.5, and tvOS 26.5. No code execution or data compromise is possible; impact is limited to availability disruption on affected devices.

Denial Of Service Apple Null Pointer Dereference
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-43896 MEDIUM PATCH This Month

Unbounded recursion in jq 1.8.1 and earlier causes denial of service via crafted jq programs using the * operator on nested objects, resulting in process crash with segmentation fault. Local attackers can exploit this vulnerability without authentication to crash jq processes, affecting any system processing untrusted jq filter logic.

Denial Of Service Red Hat
NVD GitHub VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-43894 MEDIUM PATCH This Month

Buffer overflow in jq 1.8.1 and earlier allows local attackers to cause denial of service by providing a crafted JSON number literal with INT_MAX-1 (2147483646) digits, triggering integer overflow in the D2U() macro that bypasses heap-allocation checks and writes approximately 1.4 GiB of attacker-controlled data to the stack, corrupting memory far below the stack frame.

Integer Overflow Buffer Overflow Jq
NVD GitHub VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-36906 MEDIUM This Month

Cross Site Scripting vulnerability in iotgateway v.3.0.1 allows a remote attacker to execute arbitrary code via the Log Record Function

XSS RCE N A
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-42872 MEDIUM PATCH This Month

Reflected cross-site scripting (XSS) in WeGIA versions before 3.7.0 allows unauthenticated remote attackers to inject arbitrary JavaScript via the id_processo parameter in lista_arquivos_etapa.php, enabling session hijacking, credential theft, or malicious actions in victim browsers. User interaction (clicking a crafted link) is required. The vulnerability is fixed in version 3.7.0.

XSS PHP
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-61308 MEDIUM This Month

Reflected cross-site scripting (XSS) in GmbH Mercury docuForm v11.11c allows remote attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious payloads into an unfiltered variable in the dfm-menu_maintenance.php component. The vulnerability requires user interaction (clicking a crafted link) but affects all site visitors, making it suitable for credential theft, session hijacking, or malware delivery. No public active exploitation has been confirmed at time of analysis.

XSS PHP
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-61307 MEDIUM This Month

Reflected XSS in docuForm v11.11c allows unauthenticated remote attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious payloads into the acc-menu_papers.php component. The vulnerability requires user interaction (clicking a crafted link) and has limited scope (session-based impact), with a CVSS score of 6.1. No public exploit code availability or CISA KEV listing confirmed at time of analysis, though a reference repository exists.

XSS PHP
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-65417 MEDIUM This Month

docuFORM Managed Print Service Client 11.11c is vulnerable to a reflected cross site scripting attack via the login page of the application.

XSS
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-61310 MEDIUM This Month

Reflected XSS in docuForm v11.11c acc-menu_billings.php component allows unauthenticated remote attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious payloads into unfiltered variables, requiring user interaction to click a crafted link. CVSS 6.1 reflects limited confidentiality and integrity impact with required user interaction, but successful exploitation can lead to session hijacking, credential theft, or account takeover depending on application context.

XSS PHP
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-61309 MEDIUM This Month

Reflected cross-site scripting (XSS) in GmbH Mercury Managed Print Services docuForm v11.11c allows unauthenticated remote attackers to execute arbitrary JavaScript in a victim's browser by injecting a malicious payload into an unfiltered variable in the dfm-menu_departments.php component. The vulnerability requires user interaction (clicking a crafted link) and affects confidentiality and integrity with limited scope. No public exploit code has been independently confirmed at this time, though the detailed nature of the component reference suggests proof-of-concept research exists.

XSS PHP
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-61305 MEDIUM This Month

Reflected XSS in docuForm v11.11c allows unauthenticated remote attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious payloads into the dfm-menu_firmware.php component, requiring the victim to click a crafted link. CVSS 6.1 reflects moderate impact (confidentiality and integrity compromise) with required user interaction. Exploit code is publicly available via GitHub.

XSS PHP
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-61306 MEDIUM This Month

Reflected cross-site scripting (XSS) in docuForm v11.11c allows unauthenticated remote attackers to execute arbitrary JavaScript in a user's browser by crafting a malicious URL containing a payload injected into an unfiltered variable in the dfm-menu_coveragealerts.php component. Successful exploitation requires user interaction (clicking a malicious link) and can lead to session hijacking, credential theft, or malware delivery. CVSS 6.1 reflects moderate impact with low attack complexity; no public patch version has been identified.

XSS PHP
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-44580 MEDIUM PATCH GHSA This Month

Cross-site scripting in Next.js beforeInteractive scripts allows remote unauthenticated attackers to execute arbitrary JavaScript in visitor browsers when applications pass untrusted content to beforeInteractive script features. The vulnerability arises from insufficient HTML escaping of serialized script content before embedding into the document, enabling attackers to break out of the script context. Affected versions include 13.0.0 through 15.5.15 and 16.0.0 through 16.2.4; patched versions 15.5.16 and 16.2.5 are available. No public exploit code or active exploitation has been identified at time of analysis, though the CVSS score of 6.1 reflects moderate risk with required user interaction.

XSS Red Hat
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-44475 MEDIUM PATCH GHSA This Month

Malicious gNB can corrupt Ella Core's stored UE security capabilities by sending a crafted NGAP PathSwitchRequest message without validation, allowing integrity compromise of security parameters for any user equipment. The vulnerability affects Ella Core versions prior to 1.10.0 and requires access to the NGAP interface (adjacent network), but can degrade security posture by enabling capability downgrades or feature injection. No public exploit code or active exploitation has been reported.

Information Disclosure
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-6093 MEDIUM This Month

SQL injection in Corteza 2024.9.8 allows authenticated remote attackers to execute arbitrary SQL queries against the Microsoft SQL Server backend when filtering Compose records by the meta field, potentially leading to unauthorized data access or manipulation. Exploitation requires valid user credentials and attacker control over filter parameters.

Microsoft SQLi
NVD GitHub
CVSS 4.0
6.0
EPSS
0.0%
CVE-2026-45001 MEDIUM PATCH This Month

Prompt-injected AI models can escalate privileges and persist unauthorized configuration changes in OpenClaw gateway before version 2026.4.20 via insufficient authorization guards on agent-facing config.patch and config.apply endpoints. Authenticated attackers (PR:L) with model tool access can disable sandbox policies, enable malicious plugins, modify TLS/authentication settings, alter SSRF protections, reconfigure MCP servers, and weaken filesystem hardening-effectively bypassing operator-enforced security boundaries. Vendor-released patch available in version 2026.4.20. No evidence of active exploitation; EPSS data not available for this recently disclosed vulnerability.

Authentication Bypass SSRF Openclaw
NVD GitHub VulDB
CVSS 4.0
6.0
EPSS
0.0%
CVE-2026-45005 MEDIUM PATCH This Month

OpenClaw before 2026.4.23 fails to invalidate cached webhook route secrets after rotation, allowing attackers with previously valid secrets to continue authenticating webhook requests and invoking task flows until gateway restart. The vulnerability affects SecretRef-backed webhook authentication where the resolved secret is cached at startup rather than re-resolved per request, weakening credential rotation effectiveness. Vendor-released patch available in version 2026.4.23.

Information Disclosure Openclaw
NVD GitHub
CVSS 4.0
5.9
EPSS
0.0%
CVE-2026-44577 MEDIUM PATCH GHSA This Month

Denial of service in Next.js Image Optimization API allows remote attackers to exhaust server memory by requesting large local assets through the /_next/image endpoint when using the default image loader without size limits. The vulnerability affects self-hosted Next.js deployments with default or configured images.localPatterns; Vercel-hosted and applications using unoptimized images or custom loaders are unaffected. Vendor-released patches available: version 15.5.16 and 16.2.5.

Denial Of Service
NVD GitHub VulDB HeroDevs
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-35157 MEDIUM PATCH This Month

Remote code execution in Dell ECS 3.8.1.0-3.8.1.7 and ObjectScale prior to 4.3.0.0 via improper neutralization of formula elements in CSV files processed by the UI. Unauthenticated remote attackers can exploit this vulnerability with user interaction (formula injection attack) to achieve remote execution with limited confidentiality, integrity, and availability impact. No active exploitation confirmed; exploitation requires victim interaction with malicious CSV content.

Dell Information Disclosure
NVD VulDB
CVSS 3.1
5.8
EPSS
0.1%
CVE-2026-44695 MEDIUM PATCH This Month

Outline is a service that allows for collaborative documentation. Prior to 1.7.1, the Slack integration callback for GET /auth/slack.post accepts an unsigned, session-independent OAuth state value. A third party who can obtain a Slack OAuth code for the same Outline Slack client can make a logged-in Outline user complete the callback and link that user's Outline account to the attacker's Slack team_id and user_id. The linked Slack identity can then use the Slack /outline search command as the victim Outline user. This vulnerability is fixed in 1.7.1.

CSRF Outline
NVD GitHub VulDB
CVSS 3.1
5.8
EPSS
0.0%
CVE-2026-41250 MEDIUM PATCH This Month

Taiga Front prior to version 6.9.1 contains a stored cross-site scripting (XSS) vulnerability that allows authenticated users with limited privileges to inject malicious scripts into confirmation messages and dialogs. When other users view these messages, the scripts execute in their browser context, potentially allowing attackers to steal session cookies, perform unauthorized actions, or redirect victims to malicious sites. The vulnerability requires user interaction (UI:R) but affects confidentiality with a CVSS score of 5.7.

XSS Taiga Front
NVD GitHub
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-31252 MEDIUM This Month

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) contains an insecure deserialization vulnerability (CWE-502) in its model loading component. The framework uses torch.load() to load model weight files (e.g., llm.pt, flow.pt, hift.pt) without enabling the security-restrictive weights_only=True parameter. This allows the deserialization of arbitrary Python objects via the pickle module. An attacker can exploit this by providing a malicious model directory containing specially crafted model files. When a victim starts the CosyVoice Web UI pointing to this directory, arbitrary code is executed on the victim's system during the model loading process.

Python Code Injection Deserialization RCE N A
NVD GitHub
CVSS 3.1
5.7
EPSS
0.0%
CVE-2025-43992 MEDIUM PATCH This Month

Authentication bypass in Dell ECS Geo replication (versions 3.8.1.0-3.8.1.7) and Dell ObjectScale (prior to 4.3.0.0) allows unauthenticated remote attackers to access data in transit by exploiting assumed-immutable data assumptions. The vulnerability affects the replication authentication mechanism, enabling unauthorized data exposure without requiring valid credentials or user interaction.

Dell Authentication Bypass
NVD
CVSS 3.1
5.6
EPSS
0.1%
CVE-2026-34091 MEDIUM PATCH This Month

Exposure of sensitive information in Wikimedia Foundation MediaWiki allows remote unauthenticated attackers to access unauthorized data via network requests against affected versions before 1.43.7, 1.44.4, and 1.45.2. The vulnerability has low confidentiality impact with CVSS 5.5 and evidence of proof-of-concept code, though no active exploitation in CISA KEV has been confirmed at time of analysis.

Information Disclosure Mediawiki
NVD VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-28993 MEDIUM PATCH This Month

Local authenticated apps bypass user consent mechanisms to access sensitive user data across iOS 18.7.8 and earlier, iPadOS 18.7.8 and earlier, macOS Sequoia 15.7.6 and earlier, macOS Sonoma 14.8.6 and earlier, macOS Tahoe 26.4 and earlier, and visionOS 26.4 and earlier. The vulnerability allows malicious or compromised applications running with standard user privileges to exfiltrate protected information without triggering the expected permission prompts. Apple has patched this by implementing an additional consent verification layer, though the low EPSS score (0.02%) suggests real-world exploitation remains limited.

Authentication Bypass Apple Information Disclosure
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-28996 MEDIUM PATCH This Month

Race condition in Apple operating systems allows local apps to access sensitive user data without authorization. Affects iOS and iPadOS versions below 26.5, macOS Sequoia 15.7.7, Sonoma 14.8.7, Tahoe 26.5, tvOS, visionOS, and watchOS versions below 26.5. Requires local app execution and user interaction. CVSS 5.5 reflects high confidentiality impact but low exploitation likelihood (EPSS 0.02%, 7th percentile).

Apple Race Condition Information Disclosure
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20696 MEDIUM PATCH This Month

An authorization issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data.

Authentication Bypass Apple
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-28914 MEDIUM PATCH This Month

Gatekeeper security checks in macOS Tahoe can be bypassed using maliciously crafted ZIP archives due to a logic flaw in file handling. An attacker can create a weaponized ZIP file that, when extracted or opened by a user, circumvents Gatekeeper validation, potentially allowing execution of untrusted code. The vulnerability requires user interaction (opening or extracting the malicious archive) and is limited to local attack surface. Vendor-released patch: macOS Tahoe 26.5.

Authentication Bypass Apple
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-28958 MEDIUM PATCH This Month

Apple operating systems prior to version 26.5 allow installed applications to access sensitive user data through an information disclosure vulnerability requiring local access and user interaction. The flaw affects iOS, iPadOS, macOS Tahoe, and visionOS across all versions before 26.5, with an EPSS score of 0.02% indicating low real-world exploitation probability despite the local attack vector and high confidentiality impact.

Apple Information Disclosure Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-28988 MEDIUM PATCH This Month

Privacy bypass in Apple operating systems allows local authenticated apps to circumvent user-configured privacy restrictions through permission mishandling. The vulnerability affects iOS, iPadOS, macOS Tahoe, visionOS, and watchOS versions prior to 26.5. An attacker with local app execution privileges can access sensitive data classified as restricted by user privacy settings, though without authentication bypass or integrity compromise. Fixed in coordinated OS updates across Apple's ecosystem.

Authentication Bypass Apple
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-42050 MEDIUM PATCH This Month

Stack buffer overflow in ImageMagick display tool prior to versions 7.1.2-21 and 6.9.13-46 allows local attackers to cause denial of service by crafting a malicious MIFF file that triggers memory corruption when a user opens the file and invokes the Load/Update menu via right-click interaction. CVSS score of 5.5 reflects local attack vector and requirement for user interaction, with impact limited to availability (denial of service) rather than code execution.

Stack Overflow Buffer Overflow Red Hat
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-45046 MEDIUM PATCH GHSA This Month

Gryph implements logging levels that determine what content is logged to a local sqlite database. The README incorrectly mentions that the default log level is minimal while it is standard. Source code review shows sensitive `file-write` content remains in the stored `payload` as `ContentPreview`, `OldString`, or `NewString` at the default `standard` logging level and at `full`. This leads to logging of potentially sensitive file content in the local sqlite database, violating Gryphs sensitive file filter and log level contracts. ### Impact Potentially sensitive data accessed or written by coding agents may be logged to local sqlite database. Users of Gryph are affected ONLY if their local sqlite database is stolen or exported to remote system with the assumption that no sensitive data is logged. ### Patches Fixed in v0.7.0

Information Disclosure
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-41256 MEDIUM PATCH This Month

Jq 1.8.1 and earlier truncate filter files at the first embedded NUL byte when loaded with -f, causing only the prefix before the NUL to execute. A crafted filter file containing a NUL byte and arbitrary suffix allows an attacker to inject malicious code that compiles and runs silently, bypassing intended filter logic and potentially modifying JSON output in undetected ways. This represents a post-CVE-2026-33948 regression on the compilation path.

Information Disclosure Red Hat
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-39960 MEDIUM PATCH GHSA This Month

Improper escaping of a textarea custom field's contents in the Update Issue page (bug_update_page.php) allows an attacker to inject HTML and, if CSP settings permit, execute arbitrary JavaScript when the page is loaded. ### Impact Session theft leading to admin account takeover, full project data access. - Precondition: A textarea-type custom field must be configured for the project - Attacker: Authenticated user with bug report permission (low privilege) - Victim: Any user viewing the bug edit form, including administrators ### Patches - 5fec0f448b7a7d7d539a6adb6dccceac4e4e4ab7 ### Workarounds The default Content-Security Policy will block script execution. ### References - https://mantisbt.org/bugs/view.php?id=37003 - This is related to [CVE-2024-34081](https://github.com/advisories/GHSA-wgx7-jp56-65mq). ### Credits Thanks to the following security researchers for independently discovering and responsibly reporting the issue, and providing a patch to fix it. - Thanks to Nozomu Sasaki (Paul) (@morimori-dev) - Tristan Madani (@TristanInSec) from Talence Security

XSS PHP
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-38569 MEDIUM This Month

HireFlow v1.2 contains reflected cross-site scripting (XSS) vulnerabilities in the candidate detail interface that allow authenticated users to inject malicious scripts via the Resume or Feedback Comment fields when submitting data to POST /candidates/add or POST /feedback/add endpoints. An attacker with user-level access can craft a malicious request containing JavaScript payloads that execute in the browsers of other users viewing the affected pages, potentially compromising session tokens, stealing credentials, or performing actions on behalf of victims. The CVSS score of 5.4 reflects the requirement for user interaction and authenticated access, though the cross-site scope indicates broader application impact beyond the attacker's session.

XSS
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-65415 MEDIUM This Month

Session fixation vulnerability in docuFORM Managed Print Service Client 11.11c allows unauthenticated remote attackers to hijack user sessions via the login page, enabling unauthorized access to application functions and potential disclosure of sensitive print job data. The vulnerability requires user interaction (clicking a malicious link) and affects confidentiality and integrity with a CVSS score of 5.4. No public exploit code or active exploitation has been confirmed at the time of analysis.

Session Fixation Information Disclosure
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-28819 MEDIUM PATCH This Month

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to execute arbitrary code with kernel privileges.

Apple Memory Corruption Buffer Overflow RCE
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-44777 MEDIUM PATCH This Month

jq 1.8.2rc1 and earlier suffers from infinite recursion in the module loader when two modules include each other circularly, causing denial of service through resource exhaustion. The vulnerability requires user interaction (loading a crafted jq script with circular module dependencies) on local systems. CVSS 5.4 (CVSS:4.0/AV:L/AC:L/PR:N/UI:P) reflects availability impact only; no remote exploitation vector exists. No public exploit code or active exploitation reported at time of analysis.

Information Disclosure Red Hat
NVD GitHub VulDB
CVSS 4.0
5.4
EPSS
0.0%
CVE-2026-40612 MEDIUM PATCH This Month

jq 1.8.1 and earlier are vulnerable to stack exhaustion via unbounded recursion in the jv_contains function when processing deeply nested JSON structures. An attacker can craft a malicious JSON input with excessive nesting depth that exhausts the C stack, causing denial of service. The vulnerability requires user interaction to process the malicious input, and CVSS indicates availability impact with exploitability probability.

Information Disclosure Red Hat
NVD GitHub VulDB
CVSS 4.0
5.4
EPSS
0.0%
CVE-2026-44995 MEDIUM PATCH This Month

Remote code execution in OpenClaw npm package versions before 2026.4.20 allows local authenticated users to inject malicious code through MCP stdio server environment variables. Attackers craft workspace configurations containing dangerous environment variables (NODE_OPTIONS, LD_PRELOAD, BASH_ENV) that execute arbitrary code when operators start sessions using those MCP servers. Vendor-released patch available (version 2026.4.20). No public exploit code or active exploitation confirmed at time of analysis, though VulnCheck published detailed technical advisory. CVSS 7.3 reflects local attack vector requiring user interaction, limiting widespread exploitation risk despite high technical impact.

RCE Openclaw
NVD GitHub VulDB
CVSS 4.0
5.4
EPSS
0.0%
CVE-2026-44576 MEDIUM PATCH GHSA This Month

Cache poisoning in React Server Components allows remote attackers to serve malicious RSC payloads from legitimate URLs when shared caches (CDNs, reverse proxies) do not properly partition response variants by RSC request headers. An attacker can manipulate cache entries so subsequent legitimate users receive component serialization instead of expected HTML, enabling information disclosure and application malfunction. This affects Next.js 14.2.0-15.5.15 and 16.0.0-16.2.4 using App Router with shared caching; no public exploit code identified at time of analysis.

Information Disclosure Red Hat
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-41148 MEDIUM PATCH GHSA This Month

### Details The state diagram and any other diagram type that routes user-controlled style strings through createCssStyles parser for Mermaid v11.14.0 and earlier captures `classDef` values with an unrestricted regex: ```jison // packages/mermaid/src/diagrams/state/parser/stateDiagram.jison:83 <CLASSDEFID>[^\n]* { this.popState(); return 'CLASSDEF_STYLEOPTS' } ``` The value passes unsanitized through `addStyleClass()` -> `createCssStyles()` -> `style.innerHTML` (mermaidAPI.ts:418). A `}` in the value closes the generated CSS selector, and everything after becomes a new CSS rule on the page. ### PoC ``` stateDiagram-v2 classDef x }*{ background-image: url("http://media.giphy.com/media/SggILpMXO7Xt6/giphy.gif")} ``` Live demo: <https://mermaid.live/edit#pako:eNpFjzFvgzAQhf-KdVNbEcBgMHhtlkqtOnSJKi8ONsYKBmRMlRTx3-skanvTfbp7996t0IxSAYPZC6_2Rmgn7O4rQ00v5nmvWnRG29OKjqI5aTcug9wZK7RiaHH9A4fO-4kliVXSiFibqbvEzWjvnHxo_fI6vR3e6cGXyX2qTcvhcYMItDMSmHeLisAqZ8UVYeUDQhx8p6ziwEIrhTtx4MNVM4nhcxztrywE0h2wVvRzoGWS_z_8rahBKvcckntgmN5OAFvhDIzUNCZZQXCR5nVaZkUEF2BVFpOcEkoxxhUuyRbB980yjStapKHqoKFlhvPtB7BFZEU> ### Patches This has been patched in: - [v11.15.0](https://github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.15.0) (see [e9b0f34d8d82a6260077764ee45e1d7d90957a0f](https://github.com/mermaid-js/mermaid/commit/e9b0f34d8d82a6260077764ee45e1d7d90957a0f)) - [v10.9.6](https://github.com/mermaid-js/mermaid/releases/tag/v10.9.6) (see [8fead23c59166b7bab6a39eac81acebee2859102](https://github.com/mermaid-js/mermaid/commit/8fead23c59166b7bab6a39eac81acebee2859102)) ### Workarounds Setting [`"securityLevel": "sandbox"`](https://mermaid.js.org/config/schema-docs/config.html#securitylevel) will prevent this, by rendering the mermaid diagram in a sandboxed `<iframe>`. ### Impact Enables page defacement, user tracking via `url()` callbacks, and DOM attribute exfiltration via CSS `:has()` selectors.

Code Injection RCE Red Hat
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2026-4891 MEDIUM PATCH This Month

Heap-based out-of-bounds read in dnsmasq DNSSEC validation allows remote unauthenticated attackers to trigger a denial of service by sending a crafted DNS packet. The vulnerability affects dnsmasq 2.93 and potentially earlier versions; CVSS 5.3 with network-based access vector indicates moderate severity. No public exploit code or active exploitation confirmed at time of analysis.

Denial Of Service Buffer Overflow Information Disclosure Dnsmasq
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-4893 MEDIUM PATCH This Month

Information disclosure in dnsmasq 2.93 allows remote attackers to bypass source IP validation checks by sending crafted DNS packets containing RFC 7871 client subnet (EDNS Client Subnet) information. The vulnerability enables attackers to determine internal network information that should remain hidden behind source address filtering, affecting the confidentiality of network topology and potentially enabling further reconnaissance. CVSS 5.3 reflects the network-accessible nature with low complexity but limited direct impact.

Information Disclosure Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-41159 MEDIUM PATCH GHSA This Month

### Impact Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the `fontFamily`, `themeCSS`, and `altFontFamily` configuration options. Live demo: [mermaid.live](https://mermaid.live/edit#pako:eNpNjktLxDAUhf9KvFBR6JS-60QQfODKlUvJ5k6TtsEmKTHFGUP-u-mI6Nmdy3fOPR56wwVQSBIvtXSUeAaD0e4ZlZxPDChhcLxFfwiEauOuLq_9Afv30ZpVczpaITS5kGox1qF2gfSeBwYhJAnThAyz-ewntI68vG5-0z3Z7e7IA9OQwmglB-rsKlJQwircLPgNZeAmocTPAi4GXGfHgOkQYwvqN2PUbzJuGSegA84f0a0LRyeeJI4W_xChubCPcbQD2pwbgHo4Aq2aKmvbqq3zoiu7pizqFE6RybN9VFfFY1HWXRVS-Dr_zLObrt7_V_gGGXZlGg) Example code: ``` %%{init: {"fontFamily": "x;a{b} :not(&){background:green !important} c{d}"}}%% flowchart LR A --> B ``` The injected CSS exploits stylis's `&` (scope reference) handling. `:not(&)` escapes the `#mermaid-xxx` automatic scoping, applying styles to all page elements. Global at-rules (`@font-face`, `@keyframes`, `@counter-style`) are also injectable as stylis hoists them to top level. This allows page defacement and DOM attribute exfiltration via CSS `:has()` selectors. ### Patches - [v11.15.0](https://github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.15.0) (see [64769738d5b59211e1decb471ffbaca8afec51aa](https://github.com/mermaid-js/mermaid/commit/64769738d5b59211e1decb471ffbaca8afec51aa)) - [v10.9.6](https://github.com/mermaid-js/mermaid/releases/tag/v10.9.6) (see [a9d9f0d8eb790349121508688cd338253fd80d76](https://github.com/mermaid-js/mermaid/commit/a9d9f0d8eb790349121508688cd338253fd80d76)) ### Workarounds If you can't upgrade mermaid, you can set the [`secure`](https://mermaid.js.org/config/schema-docs/config.html#secure) config value in the mermaid config to avoid allowing diagrams to modify `fontFamily`, `themeCSS`, `altFontFamily`, and `themeVariables`. Setting [`"securityLevel": "sandbox"`](https://mermaid.js.org/config/schema-docs/config.html#securitylevel) will also prevent this. ### Credits Reported by @zsxsoft on behalf of @KeenSecurityLab

Code Injection RCE
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-41150 MEDIUM PATCH GHSA This Month

### Impact Mermaid v11.14.0 and earlier are vulnerable to a denial-of-service attack when rendering gantt charts, if they use the [`excludes` attribute](https://mermaid.js.org/syntax/gantt.html?#excludes) to exclude all dates. Example: ``` gantt excludes monday,tuesday,wednesday,thursday,friday,saturday,sunday DoS :2025-01-01, 1d ``` `mermaid.parse` is unaffected, unless you then call the `ganttDb.getTasks()` (which is called when rendering a diagram). ### Patches This has been patched in: - [v11.15.0](https://github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.15.0) (see [faafb5d49106dd32c367f3882505f2dd625aa30e](https://github.com/mermaid-js/mermaid/commit/faafb5d49106dd32c367f3882505f2dd625aa30e)) - [v10.9.6](https://github.com/mermaid-js/mermaid/releases/tag/v10.9.6) (see [a59ea56174712ee5430dfd5bc877cb5151f501a6](https://github.com/mermaid-js/mermaid/commit/a59ea56174712ee5430dfd5bc877cb5151f501a6)) ### Workarounds There are no workarounds available without updating to a newer version of mermaid.

Denial Of Service Red Hat
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-41149 MEDIUM PATCH GHSA This Month

### Impact Under the default configuration, Mermaid state diagram's `classDef` allow DOM injection that escapes the SVG, although `<script>` tags are removed, preventing XSS. #### Proof-of-concept ``` stateDiagram-v2 classDef xss fill:red</style></svg><style>*{x:x;y:y;overflow:visible!important;contain:none!important;transform:none!important;filter:none!important;clip-path:none!important}</style><div style="x:x;y:y;color:red;font:5em/1 monospace;display:grid;place-items:center;z-index:2147483647;width:100vw;height:100vh;position:fixed;top:0;left:0;background:black">HACKED</div><svg><style>a:b [*] --> A:::xss ``` ### Patches - [v11.15.0](https://github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.15.0) (see [37ff937f1da2e19f882fd1db01235db4d01f4056](https://github.com/mermaid-js/mermaid/commit/37ff937f1da2e19f882fd1db01235db4d01f4056)) - [v10.9.6](https://github.com/mermaid-js/mermaid/releases/tag/v10.9.6) (see [4e2d512bf5bf6f9de1a8f0a48da78dc4d09ac4f3](https://github.com/mermaid-js/mermaid/commit/4e2d512bf5bf6f9de1a8f0a48da78dc4d09ac4f3)) ### Workarounds If you can not update to a patched version, setting [`"securityLevel": "sandbox"`](https://mermaid.js.org/config/schema-docs/config.html#securitylevel) will prevent this, by rendering the mermaid diagram in a sandboxed `<iframe>`. ### Credits Thanks to @zsxsoft from @KeenSecurityLab for reporting this vulnerability.

XSS Code Injection RCE Red Hat
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-41897 MEDIUM PATCH GHSA This Month

Lack of validation of filter_target parameter on return_dynamic_filters.php (normally used as an AJAX in View Issues Page) allows an attacker to inject arbitrary HTML if the target is a TEXTAREA custom field. ### Impact Cross-site scripting (XSS) ### Patches - c885af13f0b8596714ffe11df757c09f35fbd8f4 ### Workarounds None ### Credits Thanks to siunam (Tang Cheuk Hei) for discovering and responsibly reporting the issue.

XSS PHP
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy