CVE-2025-54880

Mermaid is a JavaScript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. In the default configuration of mermaid 11.9.0 and earlier, user supplied input for architecture diagram icons is passed to the d3 html() method, creating a sink for cross site scripting. This vulnerability is fixed in 11.10.0.

Open

LOW (0.3)

System detected CVE-2025-54880
sbom-documentation
System detected CVE-2025-54880
sbom-documentation
System
sbom-documentation
System
sbom-documentation
System
button
System
button
System updated the risk assessment from 0 to 0.3
0.1.0
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.3
button
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.3
update-gitlab-integration-dokument
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.3
sbom-documentation
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.3
docu-update
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.3
add-workflows-components-docus
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.3
699-create-how-to-commit-documentation
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.3
713-Add-link-to-an-overview-of-all-the-Risk-Mitigation-Guides
System recalculated raw risk assessment
System updated the risk assessment from 0 to 0.3
704-Improve-DevGuard-Setup-Guide
System recalculated raw risk assessment
System updated the risk assessment from 0.3 to 0.6
docu-update
System recalculated raw risk assessment
System updated the risk assessment from 0.3 to 0.6
button
System recalculated raw risk assessment
System updated the risk assessment from 0.3 to 0.6
704-Improve-DevGuard-Setup-Guide
System recalculated raw risk assessment
System updated the risk assessment from 0.3 to 0.6
0.1.0
System recalculated raw risk assessment
System updated the risk assessment from 0.3 to 0.6
713-Add-link-to-an-overview-of-all-the-Risk-Mitigation-Guides
System recalculated raw risk assessment
System updated the risk assessment from 0.3 to 0.6
sbom-documentation
System recalculated raw risk assessment
System updated the risk assessment from 0.3 to 0.6
add-workflows-components-docus
System recalculated raw risk assessment
System updated the risk assessment from 0.3 to 0.6
699-create-how-to-commit-documentation
System recalculated raw risk assessment
System updated the risk assessment from 0.3 to 0.6
main
System recalculated raw risk assessment
System updated the risk assessment from 0.3 to 0.6
update-gitlab-integration-dokument
System recalculated raw risk assessment
System fixed CVE-2025-54880
0.1.0
System fixed CVE-2025-54880
sbom-documentation
System fixed CVE-2025-54880
704-Improve-DevGuard-Setup-Guide
System fixed CVE-2025-54880
add-workflows-components-docus
System fixed CVE-2025-54880
713-Add-link-to-an-overview-of-all-the-Risk-Mitigation-Guides
System fixed CVE-2025-54880
update-gitlab-integration-dokument
System fixed CVE-2025-54880
button
System fixed CVE-2025-54880
699-create-how-to-commit-documentation
System fixed CVE-2025-54880
docu-update
System fixed CVE-2025-54880
main
System detected CVE-2025-54880 with a risk of 0.3
0.1.0