Ghostwire
Home / Vulnerabilities / CVE-2026-41159

CVE-2026-41159: Mermaid: Improper sanitization of configuration leads to CSS injection

MEDIUM CVSS 5.5 Exploit Available

Published: May 11, 2026 | Last Modified: May 11, 2026

Description

Mermaid: Improper sanitization of configuration leads to CSS injection

Ghostwire Analysis — What This Means Practically

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

References