PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-41149 mermaid-js CVE debrief

Mermaid, a JavaScript diagramming library, contains an HTML injection vulnerability in the classDef directive of its state diagram renderer. Affected versions (10.9.5 and earlier, and 11.0.0-alpha.1 through 11.14.0) allow injected markup to escape the SVG rendering context into the host page's DOM. The renderer strips <script> tags, so direct script execution is blocked, but the injected markup can still alter page structure and potentially enable phishing or UI redressing. The vulnerability is reachable under the default configuration and requires no authentication. Upstream has released fixes in versions 10.9.6 and 11.15.0.

Vendor
mermaid-js
Product
mermaid
CVSS
MEDIUM 5.3
CISA KEV
Not listed in stored evidence
Original CVE published
2026-05-22
Original CVE updated
2026-05-26
Advisory published
2026-05-22
Advisory updated
2026-05-26

Who should care

Organizations embedding Mermaid diagrams in web applications, documentation platforms, or collaborative tools; developers using Mermaid for dynamic diagram generation in user-facing interfaces; security teams reviewing client-side rendering libraries for injection risks

Technical summary

The vulnerability resides in Mermaid's state diagram renderer, where the classDef directive does not sanitize HTML content, allowing markup to be injected outside the intended SVG namespace. The parser strips <script> elements, which prevents direct script execution, but other HTML tags pass through and can modify the surrounding DOM. Both the 10.x branch (through 10.9.5) and the 11.x series (11.0.0-alpha.1 through 11.14.0) are affected. Setting securityLevel to sandbox mitigates the issue by rendering each diagram in a separate iframe, so injected markup cannot reach the host document's DOM.

Defensive priority

medium

Recommended defensive actions

  • Upgrade to Mermaid 10.9.6 (10.x branch) or 11.15.0 or later (11.x series) to remove the HTML injection vector
  • If immediate patching is not feasible, set securityLevel to sandbox in mermaid.initialize() so diagrams render in isolated iframes
  • Review applications that render user-supplied state diagrams for unexpected DOM modifications or UI anomalies
  • Verify that downstream components that embed Mermaid (documentation platforms, wiki plugins, collaborative tools) either ship a fixed version or enforce the sandbox security level
  • Monitor for further Mermaid security advisories, given active development on the 11.x alpha/beta channels
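As an added example for this debrief (not code from the PatchSiren page or from the mermaid-js project), the following JavaScript turns the first two actions above into something runnable: an audit of an npm lockfile for every installed copy of Mermaid against the affected ranges stated in this debrief, and the sandbox securityLevel configuration beside the default one. The lockfile fragment is constructed sample data, and treating a prerelease of a fixed version (such as 11.15.0-alpha.1) as fixed is an assumption the advisory does not confirm; mermaid.initialize() and the securityLevel values are Mermaid's real API.

```javascript
// Added example (not code from the PatchSiren page or the mermaid-js project).
// Part 1 flags installed Mermaid versions in the affected ranges the advisory
// states; part 2 shows the interim securityLevel mitigation next to the default.

// Parse "MAJOR.MINOR.PATCH[-prerelease]" (optional leading "v").
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?$/.exec(String(v).trim());
  if (!m) throw new Error(`not a semver string: ${v}`);
  return { major: Number(m[1]), minor: Number(m[2]), patch: Number(m[3]), pre: m[4] || null };
}

// Compare release cores, ignoring prerelease tags: returns -1, 0 or 1.
function compareCore(a, b) {
  for (const k of ["major", "minor", "patch"]) {
    if (a[k] !== b[k]) return a[k] < b[k] ? -1 : 1;
  }
  return 0;
}

// Affected per the advisory: 10.9.5 and earlier, and 11.0.0-alpha.1 through
// 11.14.0. Fixed in 10.9.6 and 11.15.0. Assumption: prereleases of a fixed
// version (e.g. 11.15.0-alpha.1) are treated as fixed; the advisory does not
// list them either way.
function isAffected(version) {
  const v = parseVersion(version);
  if (v.major <= 10) return compareCore(v, parseVersion("10.9.5")) <= 0;
  if (v.major === 11) return compareCore(v, parseVersion("11.14.0")) <= 0;
  return false; // the advisory names no branch after 11.x
}

// Walk an npm lockfile v2/v3 "packages" map and report every mermaid copy,
// including nested ones pulled in by other dependencies.
function auditLockfile(lock) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (!path.endsWith("node_modules/mermaid")) continue;
    findings.push({ path, version: entry.version, affected: isAffected(entry.version) });
  }
  return findings;
}

// Part 2: the default securityLevel ("strict") renders inline SVG in the host
// document, so markup injected through a state-diagram classDef shares the
// page DOM, which is why the advisory says the default configuration is exposed.
const defaultConfig = { startOnLoad: true, securityLevel: "strict" };

// "sandbox" renders each diagram inside an isolated iframe; this is the interim
// mitigation until the fixed release is deployed.
const sandboxConfig = { startOnLoad: true, securityLevel: "sandbox" };

// Choose the configuration for the version actually installed.
function configFor(version) {
  return isAffected(version) ? sandboxConfig : defaultConfig;
}

// Constructed sample lockfile fragment (not real project data): one top-level
// copy and one nested copy brought in by a hypothetical docs plugin.
const sampleLock = {
  packages: {
    "node_modules/mermaid": { version: "11.3.0" },
    "node_modules/some-docs-plugin/node_modules/mermaid": { version: "10.9.6" },
  },
};

for (const f of auditLockfile(sampleLock)) {
  console.log(`${f.path}: ${f.version} -> ${f.affected ? "AFFECTED: upgrade or use sandbox" : "fixed"}`);
}

// In the browser, apply the chosen object before any diagram renders:
//   mermaid.initialize(configFor(installedVersion));
```

Run it with node to audit a real package-lock.json by replacing sampleLock with the parsed file. Sandbox mode hosts each diagram in an iframe rather than inline SVG, so before relying on it as a stop-gap, check that any click handlers or links inside your diagrams still behave as expected.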

Evidence notes

CVE published 2026-05-22; modified 2026-05-26. The advisory references GitHub Security Advisory GHSA-ghcm-xqfw-q4vr and two commits (37ff937f, 4e2d512b). The CVSS 4.0 vector indicates network attack vector, low attack complexity, no privileges required, and user interaction required, with impacts to the integrity and availability sub-scores. CWE-94 (Improper Control of Generation of Code, 'Code Injection') is cited as a secondary weakness.

Official resources

2026-05-22