CVE-2026-41150 | mermaid-js mermaid up to 10.9.5/11.14.x ganttDb.getTasks excludes infinite loop (GHSA-6m6c-36f7-fhxh)

Inserito da Angelo Barbosa | Mag 29, 2026 | CVE

A vulnerability was found in mermaid-js mermaid up to 10.9.5/11.14.x and classified as problematic. This vulnerability affects the function ganttDb.getTasks. Such manipulation of the argument excludes leads to infinite loop.

This vulnerability is listed as CVE-2026-41150. The attack may be performed from remote. There is no available exploit.

It is suggested to upgrade the affected component.

CVE-2026-41150 | mermaid-js mermaid up to 10.9.5/11.14.x ganttDb.getTasks excludes infinite loop (GHSA-6m6c-36f7-fhxh)

Post correlati

CVE-2024-6644 | zmops ArgusDBM up to 0.1.0 AviatorScript CalculateAlarm.java getDefaultClassLoader deserialization (Issue 64)

CVE-2022-32502 | Nuki Bridge up to 1.21.x/2.13.1 Encrypted Token Parser buffer overflow

CVE-2024-13471 | designthemes DesignThemes Core Features Plugin up to 4.7 on WordPress dt_process_imported_file path traversal

CVE-2025-7745 | ABB AC500 V2 up to 2.5.2 buffer over-read