6 matches found
CVE-2026-41159
Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the fontFamily, themeCSS, and altFontFamily configuration...
DEBIAN-CVE-2026-41159
Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the fontFamily, themeCSS, and altFontFamily configuration...
UBUNTU-CVE-2026-41159
Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the fontFamily, themeCSS, and altFontFamily configuration...
CVE-2026-41159 Mermaid: Improper sanitization of configuration leads to CSS injection
Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the fontFamily, themeCSS, and altFontFamily configuration...
Malicious code in stylis-ifl4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 67dee32869e4aa596866719fecd53f70729795c83ebace2b700e3322a45a0434 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6342 Malicious code in stylis-ifl4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 67dee32869e4aa596866719fecd53f70729795c83ebace2b700e3322a45a0434 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...