Lucene search
K

9 matches found

EUVD
EUVD
added 2026/05/22 10:3 p.m.8 views

EUVD-2026-31515

Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and prior, in addition to 11.0.0-alpha.1 through 11.12.0 are vulnerable to CSS injection through improper sanitization. The state diagram and any other diagram type that routes...

5.3CVSS5.7AI score0.00338EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-43861

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mermaid is a Javascript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams...

7.2CVSS6.3AI score0.00912EPSS
Exploits0References2
CVE
CVE
added 2025/08/19 5:4 p.m.62 views

CVE-2025-54881

Technical details about CVE-2025-54881 are not publicly available in the provided connected documents. Monitor for updates.

5.3CVSS7.1AI score0.0071EPSS
Exploits0References3
CVE
CVE
added 2025/08/01 11:5 p.m.38 views

CVE-2025-54132

CVE-2025-54132 affects Cursor’s Mermaid-based diagram tool prior to version 1.3. An attacker can trigger prompt injections to cause Mermaid-rendered images to fetch data to a remote attacker-controlled server, enabling exfiltration of sensitive information. The issue is fixed in version 1.3; upgr...

7.5CVSS7.3AI score0.00338EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/06/26 7:33 p.m.9 views

CVE-2024-38527 Cross-site Scripting in ZenUML

ZenUML is JavaScript-based diagramming tool that requires no server, using Markdown-inspired text definitions and a renderer to create and modify sequence diagrams. Markdown-based comments in the ZenUML diagram syntax are susceptible to Cross-site Scripting XSS. The comment feature allows the use...

5.4CVSS6.6AI score0.00381EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2021/12/30 1:40 p.m.22 views

CVE-2021-43861

Mermaid is a Javascript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. Prior to version 8.13.8, malicious diagrams can run javascript code at diagram readers' machines. Users should upgrade to version 8.13.8 t...

7.2CVSS6.2AI score0.00912EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/10/05 12:0 a.m.5 views

The vulnerability of Mermaid software for generating diagrams and block diagrams lies in the lack of measures taken to protect the structure of web pages, allowing attackers to compromise data integrity.

The vulnerability of Mermaid software for generating diagrams and block diagrams is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability can allow a remote attacker to compromise the integrity of data...

6.1CVSS6.3AI score0.01018EPSS
Exploits0References5Affected Software2
Fedora
Fedora
added 2010/04/16 11:53 p.m.26 views

[SECURITY] Fedora 11 Update: kdesdk-4.4.2-1.fc11

A collection of applications and tools used by developers, including: cervisia: a CVS frontend kate: advanced text editor kbugbuster: a tool to manage the KDE bug report system kcachegrind: a browser for data produced by profiling tools e.g. cachegr ind kompare: diff tool kuiviewer: displays...

6.9CVSS2.2AI score0.00279EPSS
Exploits0
Fedora
Fedora
added 2007/11/13 12:5 a.m.51 views

[SECURITY] Fedora 7 Update: kdesdk-3.5.8-2.fc7

A collection of applications and tools used by developers, including: cervisia: a CVS frontend kbabel: PO file management kbugbuster: a tool to manage the KDE bug report system kcachegrind: a browser for data produced by profiling tools e.g. cachegr ind kompare: diff tool kuiviewer: displays...

9.3CVSS2.4AI score0.0702EPSS
Exploits1
Rows per page
Query Builder