13 matches found
EUVD-2023-12460
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-54880
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mermaid is a JavaScript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. I...
SUSE CVE-2025-54880
Mermaid is a JavaScript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. In the default configuration of mermaid 11.9.0 and earlier, user supplied input for architecture diagram icons is passed to the d3 html...
CVE-2025-54880
Mermaid is a JavaScript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. In the default configuration of mermaid 11.9.0 and earlier, user supplied input for architecture diagram icons is passed to the d3 html...
CVE-2025-54880 Mermaid does not properly sanitize architecture diagram iconText leading to XSS
Mermaid is a JavaScript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. In the default configuration of mermaid 11.9.0 and earlier, user supplied input for architecture diagram icons is passed to the d3 html...
CVE-2025-54880 Mermaid does not properly sanitize architecture diagram iconText leading to XSS
Mermaid is a JavaScript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. In the default configuration of mermaid 11.9.0 and earlier, user supplied input for architecture diagram icons is passed to the d3 html...
CVE-2025-54880
CVE-2025-54880 affects mermaid up to version 11.9.0 where user-provided input for architecture diagrams is passed to d3.html(), creating a cross-site scripting sink. The CVE description notes the issue is fixed in 11.10.0. Connected GHSA advisory for Gogs highlights stored XSS via mermaid diagram...
PT-2025-33815 · Mermaid +1
Name of the Vulnerable Software and Affected Versions: Mermaid versions prior to 11.10.0 Description: Mermaid is a JavaScript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. In the default configuration,...
CVE-2023-0400
The protection bypass vulnerability in DLP for Windows 11.9.x is addressed in version 11.10.0. This allowed a local user to bypass DLP controls when uploading sensitive data from a mapped drive into a web email client. Loading from a local driver was correctly prevented. Versions prior to 11.9...
Security feature bypass
The protection bypass vulnerability in DLP for Windows 11.9.x is addressed in version 11.10.0. This allowed a local user to bypass DLP controls when uploading sensitive data from a mapped drive into a web email client. Loading from a local driver was correctly prevented. Versions prior to 11.9...
CVE-2023-0400
Summary for CVE-2023-0400 (Trellix DLP): A protection-bypass vulnerability was found in Trellix Data Loss Prevention 11.9.x for Windows, allowing a local user to bypass DLP controls when uploading sensitive data from a mapped drive into a web email client. Loading from a local driver was correct...
CVE-2023-0400
The protection bypass vulnerability in DLP for Windows 11.9.x is addressed in version 11.10.0. This allowed a local user to bypass DLP controls when uploading sensitive data from a mapped drive into a web email client. Loading from a local driver was correctly prevented. Versions prior to 11.9...
Unspecified Vulnerability in GitLab (CNVD-2019-30488)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab Enterprise and...