CVE-2026-41149

Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and earlier, as well as 11.0.0-alpha.1 through 11.14.0, are vulnerable to HTML injection under the default configuration. Specifically, the classDef directive in Mermaid state...

UBUNTU-CVE-2026-41148

Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and prior, in addition to 11.0.0-alpha.1 through 11.12.0 are vulnerable to CSS injection through improper sanitization. The state diagram and any other diagram type that routes...

PT-2026-39886

Name of the Vulnerable Software and Affected Versions Mermaid versions prior to 10.9.6 Mermaid versions 11.0.0-alpha.1 through 11.14.0 Description Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Under the default configuration, the classDef...

[R2] Nessus Versions 10.11.1 and 10.9.6 Fix Multiple Vulnerabilities

R2 Nessus Versions 10.11.1 and 10.9.6 Fix Multiple Vulnerabilities Arnie Cabral Mon, 12/15/2025 - 09:48 Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components expat, libxml2, libxslt were found to contain vulnerabilities, and updated...

MariaDB 10.9.0 < 10.9.6

The version of MariaDB installed on the remote host is prior to 10.9.6. It is, therefore, affected by a vulnerability as referenced in the 10.9.6 advisory. - MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spiderdbmbase::printwarnings to...