Known Vulnerabilities for Mermaid by Mermaid Project
Listed below are 5 of the newest known vulnerabilities associated with "Mermaid" by "Mermaid Project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-59791 json | In JetBrains YouTrack before 2026.2.17012 cSS injection via Mermaid diagram rendering was possible | Not Provided | 2026-07-10 | 2026-07-10 |
| CVE-2026-54011 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6,Open WebUI ... | Not Provided | 2026-06-23 | 2026-06-23 |
| CVE-2026-41159 json | Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 1... | Not Provided | 2026-05-29 | 2026-07-01 |
| CVE-2026-41150 json | Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 1... | Not Provided | 2026-05-29 | 2026-05-29 |
| CVE-2026-41149 json | Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and e... | Not Provided | 2026-05-22 | 2026-05-23 |
| CVE-2026-41148 json | Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and p... | Not Provided | 2026-05-22 | 2026-05-22 |
| CVE-2026-40322 json | SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, Mermaid diagrams are rendered wit... | Not Provided | 2026-04-16 | 2026-04-17 |
| CVE-2026-26226 json | beautiful-mermaid versions prior to 0.1.3 contain an SVG attribute injection issue that can lead to cross-site scripting (XSS... | Not Provided | 2026-02-13 | 2026-07-14 |
| CVE-2026-11455 json | A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.2. Affected by this issue is the function check_cmd_exis... | Not Provided | 2026-06-07 | 2026-06-08 |
| CVE-2026-6658 json | A vulnerability in jupyter/nbconvert versions <= 7.17.0 allows for Cross-site Scripting (XSS) via unsanitized `text/vnd.merma... | Not Provided | 2026-06-26 | 2026-06-26 |