3 matches found
PT-2026-39888
Name of the Vulnerable Software and Affected Versions Mermaid versions prior to 11.15.0 Mermaid versions prior to 10.9.6 Description Default configuration allows the injection of CSS that applies outside of the Mermaid diagram. This occurs through the fontFamily, themeCSS, and altFontFamily...
CVE-2025-67744 Mermaid XSS vulnerability leads to Remote Code Execution
DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to version 0.5.3, a security vulnerability exists in the Mermaid diagram rendering component that allows arbitrary JavaScript execution. Due to the exposure of the Electron IPC renderer...
PT-2025-51356
Name of the Vulnerable Software and Affected Versions DeepChat versions prior to 0.5.3 Description DeepChat is an open-source artificial intelligence agent platform. A security issue exists in the Mermaid diagram rendering component that allows arbitrary JavaScript execution. This Cross-Site...