Lucene search
K

6 matches found

UbuntuCve
UbuntuCve
added 2026/06/01 12:0 a.m.12 views

CVE-2026-41159

Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the fontFamily, themeCSS, and altFontFamily configuration...

5.3CVSS5.8AI score0.00398EPSS
Exploits0References7
OSV
OSV
added 2026/05/29 3:16 p.m.7 views

DEBIAN-CVE-2026-41159

Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the fontFamily, themeCSS, and altFontFamily configuration...

5.3CVSS5.8AI score0.00398EPSS
Exploits0References1
OSV
OSV
added 2026/05/29 3:16 p.m.6 views

UBUNTU-CVE-2026-41159

Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the fontFamily, themeCSS, and altFontFamily configuration...

5.3CVSS5.8AI score0.00398EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/05/29 1:53 p.m.10 views

CVE-2026-41159 Mermaid: Improper sanitization of configuration leads to CSS injection

Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the fontFamily, themeCSS, and altFontFamily configuration...

5.3CVSS5.8AI score0.00398EPSS
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/02 11:2 a.m.2 views

Malicious code in stylis-ifl4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 67dee32869e4aa596866719fecd53f70729795c83ebace2b700e3322a45a0434 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/02 11:2 a.m.10 views

MAL-2022-6342 Malicious code in stylis-ifl4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 67dee32869e4aa596866719fecd53f70729795c83ebace2b700e3322a45a0434 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Rows per page
Query Builder