PatchSiren cyber security CVE debrief

CVE-2026-41148 mermaid-js CVE debrief

Mermaid, a JavaScript diagramming library, contains a CSS injection vulnerability in versions 10.9.5 and prior, as well as 11.0.0-alpha.1 through 11.12.0. The flaw exists in the state diagram parser and other diagram types that route user-controlled style strings through createCssStyles. The classDef values are captured using an unrestricted regex matching everything up to a newline, which then flows unsanitized through addStyleClass() into createCssStyles() and is assigned to style.innerHTML. A closing brace (}) in the value terminates the generated CSS selector, allowing injection of arbitrary CSS rules. This enables page defacement, user tracking via url() callbacks, and DOM attribute exfiltration. The vulnerability was published on 2026-05-22 and last modified on 2026-05-26. It has been remediated in versions 10.9.6 and 11.15.0.

Vendor: mermaid-js
Product: mermaid
CVSS: MEDIUM 5.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-22
Original CVE updated: 2026-05-26
Advisory published: 2026-05-22
Advisory updated: 2026-05-26

Who should care

Organizations using Mermaid.js for diagram rendering in web applications, particularly those accepting user-generated content or untrusted diagram definitions. Development teams maintaining documentation platforms, wiki systems, or collaborative tools integrating Mermaid. Security teams responsible for client-side security in JavaScript-heavy applications.

Technical summary

The vulnerability stems from improper input sanitization in Mermaid's CSS style processing. The diagram parser captures classDef values with an unrestricted regex that matches everything up to a newline character. These values pass through addStyleClass() unsanitized, and createCssStyles() assigns the resulting stylesheet text directly to style.innerHTML. When a malicious value contains a closing brace, it prematurely terminates the intended CSS selector block, so attacker-controlled CSS rules are applied in the page context. This class of vulnerability enables several attack vectors: page defacement through visual manipulation, user tracking via CSS url() callbacks that fire on interaction, and DOM attribute exfiltration using attribute-value selectors. The attack requires user interaction with a crafted Mermaid diagram, which limits its exploitability but does not eliminate the risk for applications that process untrusted diagram definitions.

Defensive priority

medium

Recommended defensive actions

  • Upgrade Mermaid to version 10.9.6 (for 10.x users) or 11.15.0 (for 11.x users) to remediate this vulnerability
  • If immediate upgrade is not feasible, set securityLevel to sandbox in Mermaid configuration to render diagrams in a sandboxed iframe, preventing CSS injection
  • Review applications using Mermaid for any state diagrams or other diagram types accepting user-controlled style strings
  • Audit logs for suspicious CSS-related activity or unexpected network requests that may indicate exploitation attempts
  • Validate and sanitize any user-supplied input passed to Mermaid diagram definitions, particularly classDef style values
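The following is an added example, not code from Mermaid or from this advisory, covering the injection mechanism in the technical summary and the last two defensive actions: it scans a diagram definition for classDef style values containing tokens that can break out of the generated CSS rule (the closing brace the advisory names, plus url() and a few defence-in-depth markers, which are this example's own choices), and builds the sandbox configuration that is passed to mermaid.initialize(). The sample diagram is constructed for the example.

```javascript
// Tokens that let a classDef style value escape or extend the CSS rule Mermaid
// generates: braces end the selector block (the advisory's root cause), url()
// enables callback-based tracking; the remaining markers are defence in depth.
const UNSAFE_STYLE_PATTERN = /[{}<>]|url\s*\(|\/\*|@import/i;

// Matches "classDef <name[,name]> <style string>" lines (state and flowchart syntax).
const CLASSDEF_LINE = /^\s*classDef\s+([A-Za-z0-9_,-]+)\s+(.*)$/;

/**
 * Scan a Mermaid definition and return one finding per classDef whose style
 * string contains an unsafe token. An empty array means nothing was flagged.
 */
function findUnsafeClassDefs(definition) {
  const findings = [];
  definition.split(/\r?\n/).forEach((line, idx) => {
    const m = CLASSDEF_LINE.exec(line);
    if (!m) return;
    const [, className, styles] = m;
    const hit = UNSAFE_STYLE_PATTERN.exec(styles);
    if (hit) {
      findings.push({ line: idx + 1, className, token: hit[0] });
    }
  });
  return findings;
}

/**
 * Configuration for rendering untrusted definitions: securityLevel 'sandbox'
 * is the interim mitigation named in the advisory (diagrams render inside a
 * sandboxed iframe). Pass the object to mermaid.initialize() before rendering.
 */
function mermaidConfigForUntrustedInput() {
  return { startOnLoad: false, securityLevel: 'sandbox' };
}

// Constructed sample: one benign classDef and one whose style value carries a
// closing brace followed by a rule of its own, the pattern the advisory describes.
const SAMPLE_DIAGRAM = [
  'stateDiagram-v2',
  '  [*] --> Idle',
  '  classDef ok fill:#cfc,stroke:#060',
  '  classDef bad fill:#fff} .injected { color: red',
  '  class Idle ok',
].join('\n');

// Gate the definition before handing it to Mermaid; a finding means "reject".
const findings = findUnsafeClassDefs(SAMPLE_DIAGRAM);
console.log(findings.length ? 'rejected: ' + JSON.stringify(findings) : 'ok');
```

Treat any finding as a reject-and-log event rather than trying to strip the offending characters, since the upstream fix is the version upgrade, not value rewriting.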

Evidence notes

Vulnerability description and remediation details sourced from official CVE record and GitHub Security Advisory. Fix commits and release tags confirmed in source references. CVSS 4.0 vector indicates network attack vector with low attack complexity, requiring user interaction, with low impacts to integrity and availability.
