Mermaid, CSS Injection, CVE-2026-41159 (Moderate)

Listen to this Post

The vulnerability resides in Mermaid’s default configuration which fails to properly sanitize CSS injected via the fontFamily, themeCSS, and altFontFamily options. An attacker can supply a crafted diagram configuration, such as %%{init: {“fontFamily”: “x;a{b} :not(&){background:green !important} c{d}”}}%%, which leverages the stylis CSS preprocessor’s handling of the ampersand (&) scope reference. By using the :not(&) selector, the injected CSS escapes the automatic mermaid-xxx scoping applied by Mermaid, allowing styles to affect all page elements outside the diagram container. Furthermore, stylis hoists global at-rules like @font-face, @keyframes, and @counter-style to the top level of the document, enabling broader injection. This CSS injection can be used for page defacement or to exfiltrate DOM attributes via CSS :has() selectors, posing a moderate severity risk. The issue affects all Mermaid versions from 11.0.0-alpha.1 up to and including 11.14.0, as well as versions up to 10.9.5. Patches are available in versions 11.15.0 and 10.9.6.

dailycve form:

Platform: Mermaid.js
Version: 10.9.5/11.14.0
Vulnerability: CSS Injection
Severity: Moderate
date: 2026-05-11

Prediction: Patch date 2026-05-11

Analytics under heading What Undercode Say:

bash commands and codes:

Check vulnerable version

npm list mermaid

Patch to safe version

npm install [email protected]

Verify secure configuration

grep -r “securityLevel” .

Test for injection

echo ‘%%{init: {“fontFamily”: “test”}}%%’ | npx mermaid

Exploit:

Attacker supplies malicious diagram with CSS in fontFamily, themeCSS, or altFontFamily options, using :not(&) to break out of scoping and apply global styles or exfiltrate data.

Protection from this CVE

Upgrade to patched versions 11.15.0 or 10.9.6. If unable, set the “secure” config to true or “securityLevel”: “sandbox” to block modifications to vulnerable options.

Impact:

Page defacement and potential exfiltration of DOM attributes using CSS :has() selectors, affecting all page elements, not just the diagram.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top