Browse all 7 CVE security advisories affecting mermaid-js. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Mermaid-js is a JavaScript-based diagramming and charting tool that enables developers to create visualizations through text-based descriptions. Historically, it has been susceptible to cross-site scripting (XSS) vulnerabilities due to improper input sanitization in rendering functions, with several instances allowing remote code execution through malicious diagram definitions. The project has addressed multiple security flaws, including those enabling arbitrary code execution via crafted diagram syntax, though no major public security incidents have been documented. Despite these vulnerabilities, the tool remains widely adopted for documentation and visualization purposes, with ongoing efforts to improve security through input validation and sandboxed rendering environments.
| CVE ID | Title | Package | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-41149 | Mermaid: Improper sanitization of `classDef` in state diagrams leads to HTML injection | mermaid | CWE-94 | - | - | 2026-05-22 |
| CVE-2026-41148 | Mermaid: Improper sanitization of `classDefs` in diagrams leads to CSS injection | mermaid | CWE-94 | - | - | 2026-05-22 |
| CVE-2025-54881 | Mermaid improperly sanitizes of sequence diagram labels leading to XSS | mermaid | CWE-79 | 5.4 (AI) | Medium (AI) | 2025-08-19 |
| CVE-2025-54880 | Mermaid does not properly sanitize architecture diagram iconText leading to XSS | mermaid | CWE-79 | 5.4 (AI) | Medium (AI) | 2025-08-19 |
| CVE-2022-31108 | Arbitrary `CSS` injection into the generated graph affecting the container HTML in mermaid.js | mermaid | CWE-74 | 4.1 | Medium | 2022-06-28 |
| CVE-2021-43861 | Incorrect sanitisation function leads to `XSS` | mermaid | CWE-79 | 7.2 | High | 2021-12-30 |
This page lists every published CVE security advisory associated with mermaid-js. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.