Skip to main content

CVE-2026-41159

| EUVDEUVD-2026-33324 MEDIUM
Code Injection (CWE-94)
2026-05-11 https://github.com/mermaid-js/mermaid GHSA-87f9-hvmw-gh4p
5.3
CVSS 4.0 · Vendor: https://github.com/mermaid-js/mermaid
Share

Severity by source

Vendor (https://github.com/mermaid-js/mermaid) PRIMARY
5.3 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
SUSE
MEDIUM
qualitative
Red Hat
5.4 MEDIUM
qualitative

Primary rating from Vendor (https://github.com/mermaid-js/mermaid).

CVSS VectorVendor: https://github.com/mermaid-js/mermaid

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
P
Scope
X

Lifecycle Timeline

2
CVSS changed
May 29, 2026 - 15:22 NVD
5.3 (MEDIUM)
CVE Published
May 11, 2026 - 19:37 nvd
MEDIUM

DescriptionCVE.org

Impact

Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the fontFamily, themeCSS, and altFontFamily configuration options.

Live demo: mermaid.live

Example code:

%%{init: {"fontFamily": "x;a{b} :not(&){background:green !important} c{d}"}}%%
flowchart LR
    A --> B

The injected CSS exploits stylis's & (scope reference) handling. :not(&) escapes the #mermaid-xxx automatic scoping, applying styles to all page elements. Global at-rules (@font-face, @keyframes, @counter-style) are also injectable as stylis hoists them to top level.

This allows page defacement and DOM attribute exfiltration via CSS :has() selectors.

Patches

Workarounds

If you can't upgrade mermaid, you can set the secure config value in the mermaid config to avoid allowing diagrams to modify fontFamily, themeCSS, altFontFamily, and themeVariables.

Setting "securityLevel": "sandbox" will also prevent this.

Credits

Reported by @zsxsoft on behalf of @KeenSecurityLab

Analysis

Impact

Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the fontFamily, themeCSS, and altFontFamily configuration options.

Live demo: mermaid.live

Example code:

%%{init: {"fontFamily": "x;a{b} :not(&){background:green !important} c{d}"}}%%
flowchart LR
    A --> B

The injected CSS exploits stylis's & (scope reference) handling. :not(&) escapes the #mermaid-xxx automatic scoping, applying styles to all page elements. Global at-rules (@font-face, @keyframes, @counter-style) are also injectable as stylis hoists them to top level.

This allows page defacement and DOM attribute exfiltration via CSS :has() selectors.

Patches

Workarounds

If you can't upgrade mermaid, you can set the secure config value in the mermaid config to avoid allowing diagrams to modify fontFamily, themeCSS, altFontFamily, and themeVariables.

Setting "securityLevel": "sandbox" will also prevent this.

Credits

Reported by @zsxsoft on behalf of @KeenSecurityLab

Vendor StatusVendor

SUSE

Severity: Medium

Share

CVE-2026-41159 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy