9 matches found
EUVD-2026-31515
Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and prior, in addition to 11.0.0-alpha.1 through 11.12.0 are vulnerable to CSS injection through improper sanitization. The state diagram and any other diagram type that routes...
Linux Distros Unpatched Vulnerability : CVE-2021-43861
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mermaid is a Javascript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams...
CVE-2025-54881
Technical details about CVE-2025-54881 are not publicly available in the provided connected documents. Monitor for updates.
CVE-2025-54132
CVE-2025-54132 affects Cursor’s Mermaid-based diagram tool prior to version 1.3. An attacker can trigger prompt injections to cause Mermaid-rendered images to fetch data to a remote attacker-controlled server, enabling exfiltration of sensitive information. The issue is fixed in version 1.3; upgr...
CVE-2024-38527 Cross-site Scripting in ZenUML
ZenUML is JavaScript-based diagramming tool that requires no server, using Markdown-inspired text definitions and a renderer to create and modify sequence diagrams. Markdown-based comments in the ZenUML diagram syntax are susceptible to Cross-site Scripting XSS. The comment feature allows the use...
CVE-2021-43861
Mermaid is a Javascript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. Prior to version 8.13.8, malicious diagrams can run javascript code at diagram readers' machines. Users should upgrade to version 8.13.8 t...
The vulnerability of Mermaid software for generating diagrams and block diagrams lies in the lack of measures taken to protect the structure of web pages, allowing attackers to compromise data integrity.
The vulnerability of Mermaid software for generating diagrams and block diagrams is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability can allow a remote attacker to compromise the integrity of data...
[SECURITY] Fedora 11 Update: kdesdk-4.4.2-1.fc11
A collection of applications and tools used by developers, including: cervisia: a CVS frontend kate: advanced text editor kbugbuster: a tool to manage the KDE bug report system kcachegrind: a browser for data produced by profiling tools e.g. cachegr ind kompare: diff tool kuiviewer: displays...
[SECURITY] Fedora 7 Update: kdesdk-3.5.8-2.fc7
A collection of applications and tools used by developers, including: cervisia: a CVS frontend kbabel: PO file management kbugbuster: a tool to manage the KDE bug report system kcachegrind: a browser for data produced by profiling tools e.g. cachegr ind kompare: diff tool kuiviewer: displays...