Description
Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and earlier, as well as 11.0.0-alpha.1 through 11.14.0, are vulnerable to HTML injection under the default configuration. Specifically, the classDef directive in Mermaid state diagrams permits DOM injection that escapes the SVG context. However, <script> tags are stripped, which prevents cross-site scripting (XSS). This issue has been fixed in versions 10.9.6 and 11.15.0. If developers are unable to immediately upgrade, they can work around this issue by setting "securityLevel": "sandbox", which prevents the issue by rendering the mermaid diagram in a sandboxed <iframe>.
Published: 2026-05-22
Score: 5.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Malicious input in the classDef directive can inject arbitrary HTML elements into a diagram. The issue is classified as CWE-94 (code injection). The injected markup escapes the SVG context, but Mermaid strips <script> tags, so the flaw does not directly allow XSS; it still permits DOM injection that could be abused to manipulate the page, exfiltrate information, or present phishing interfaces inside the diagram container.

Affected Systems

The mermaid-js Mermaid package is affected under the default configuration in versions 10.9.5 and earlier and in 11.0.0-alpha.1 through 11.14.0, that is, every release before 10.9.6 on the 10.x line and before 11.15.0 on the 11.x line.

Risk and Exploitability

With a CVSS score of 5.3 and no EPSS data, the risk is moderate; the vulnerability is not listed in the CISA KEV catalog. An attacker would exploit it by getting a crafted diagram rendered by a web page or API that uses Mermaid with the default configuration. Although the injection does not enable script execution directly, the injected HTML can alter the DOM or embed hidden iframes, which could facilitate data exfiltration or clickjacking. The likely attack vector, inferred from the description, is remote, relying on the victim's browser rendering the diagram under the default configuration.

Generated by OpenCVE AI on May 23, 2026 at 01:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Mermaid to 10.9.6 or later on the 10.x line, or to 11.15.0 or later on the 11.x line.
  • If an immediate upgrade is not possible, configure Mermaid with "securityLevel": "sandbox", which renders diagrams in a sandboxed iframe and blocks the injection.
  • Verify that inputs used to generate Mermaid diagrams originate from trusted sources, and consider sanitizing or removing any custom classDef lines that may contain malicious content.
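As an added example (not Mermaid's own code, and not the fix shipped in 10.9.6 and 11.15.0), the following JavaScript shows the two mitigations above side by side: a configuration helper that forces the "securityLevel": "sandbox" workaround so a caller cannot weaken it, and a pre-render screen that drops classDef lines whose style list falls outside a conservative character allowlist and reports them for logging. The securityLevel and startOnLoad options are real mermaid.initialize() settings; the allowlist regex, the helper names and the sample diagram are this example's own assumptions, not a description of what the vulnerable versions accept.

```javascript
// Added example (not Mermaid project code): build the hardened
// configuration the advisory's workaround describes, and pre-screen
// diagram text so classDef lines reach the renderer only when their
// style list is built from a conservative character set.
// `securityLevel` and `startOnLoad` are real mermaid.initialize() options;
// the allowlist regex and the helper names are this example's assumptions.

// Configuration object for mermaid.initialize(). The sandbox level renders
// the diagram inside a sandboxed <iframe>, which is the advisory's
// workaround. Caller overrides are spread first so securityLevel cannot be
// downgraded by accident.
function hardenedMermaidConfig(overrides = {}) {
  return { startOnLoad: false, ...overrides, securityLevel: 'sandbox' };
}

// A classDef line in Mermaid syntax: `classDef <name> <style,list>`.
const CLASSDEF_LINE_RE = /^\s*classDef\b(.*)$/;

// Allowlist for the remainder of a classDef line: an identifier, then
// comma- or semicolon-separated key:value style pairs made only of word
// characters, '#', '.', '%', whitespace and '-'. Angle brackets, quotes,
// parentheses and '/' are deliberately absent, so markup and url() forms
// never survive screening. This allowlist is the example's own choice.
const SAFE_CLASSDEF_BODY_RE = /^\s+[A-Za-z_][\w-]*\s+[\w#.%:,;\s-]+$/;

// Returns the screened diagram text plus the classDef lines that were
// dropped, so callers can log them as a detection signal.
function screenClassDefLines(diagramText) {
  const kept = [];
  const dropped = [];
  for (const line of diagramText.split(/\r?\n/)) {
    const m = CLASSDEF_LINE_RE.exec(line);
    if (m && !SAFE_CLASSDEF_BODY_RE.test(m[1])) {
      dropped.push(line.trim());
      continue;
    }
    kept.push(line);
  }
  return { text: kept.join('\n'), dropped };
}

// Constructed sample input: one benign classDef and one whose style list
// contains a double quote, which the allowlist rejects.
const SAMPLE_DIAGRAM = [
  'stateDiagram-v2',
  '    [*] --> Idle',
  '    Idle --> Running : start',
  '    classDef highlight fill:#f9f,stroke:#333,stroke-width:2px',
  '    classDef suspicious fill:#f9f,stroke:"333"',
  '    class Running highlight',
].join('\n');

if (typeof require !== 'undefined' && require.main === module) {
  const result = screenClassDefLines(SAMPLE_DIAGRAM);
  console.log('dropped classDef lines:', result.dropped);
  console.log('config for mermaid.initialize():',
    hardenedMermaidConfig({ theme: 'neutral' }));
  // In the browser the two pieces are used as:
  //   mermaid.initialize(hardenedMermaidConfig());
  //   await mermaid.render('diagram-1', result.text);
}
```

The screen is a second line of defence only: the sandbox setting is what actually contains injected markup, and the screen exists so that suspicious classDef lines are visible in logs rather than silently rendered. Because the allowlist is narrow, legitimate styles that use quotes or url() will also be dropped, which is the intended trade-off for untrusted input.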

Advisories
Source: GitHub GHSA
ID: GHSA-ghcm-xqfw-q4vr
Title: Mermaid: Improper sanitization of `classDef` in state diagrams leads to HTML injection
History

Sat, 23 May 2026 04:15:00 +0000

Metrics (ssvc): {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 22 May 2026 22:45:00 +0000

Description: Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and earlier, as well as 11.0.0-alpha.1 through 11.14.0, are vulnerable to HTML injection under the default configuration. Specifically, the classDef directive in Mermaid state diagrams permits DOM injection that escapes the SVG context. However, <script> tags are stripped, which prevents cross-site scripting (XSS). This issue has been fixed in versions 10.9.6 and 11.15.0. If developers are unable to immediately upgrade, they can work around this issue by setting "securityLevel": "sandbox", which prevents the issue by rendering the mermaid diagram in a sandboxed <iframe>.
Title: Mermaid: Improper sanitization of `classDef` in state diagrams leads to HTML injection
Weaknesses: CWE-94
References:
Metrics (cvssV4_0): {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L'}

MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-05-23T03:22:44.013Z
Reserved: 2026-04-17T12:59:15.739Z
Link: CVE-2026-41149

Vulnrichment
Updated: 2026-05-23T03:22:31.642Z

NVD
No data.

Redhat
No data.

OpenCVE Enrichment
Updated: 2026-05-23T01:30:05Z

Weaknesses