CVE-2026-26226 | lukilabs beautiful-mermaid up to 0.1.2 SVG Attribute cross site scripting

Inserito da Angelo Barbosa | Feb 13, 2026 | CVE

A vulnerability was found in lukilabs beautiful-mermaid up to 0.1.2. It has been declared as problematic. Affected by this issue is some unknown functionality of the component SVG Attribute Handler. The manipulation results in cross site scripting.

This vulnerability was named CVE-2026-26226. The attack may be performed from remote. There is no available exploit.

It is recommended to upgrade the affected component.

CVE-2026-26226 | lukilabs beautiful-mermaid up to 0.1.2 SVG Attribute cross site scripting

Post correlati

CVE-2023-47022 | NCR Terminal Handler 1.5.1 Script payload Privilege Escalation

CVE-2024-11411 | Spotlightr Plugin up to 0.1.9 on WordPress cross site scripting

CVE-2024-6524 | ShopXO up to 6.1.0 extend/base/Uploader.php source server-side request forgery

CVE-2024-20123 | MediaTek MT8789 Vdec out-of-bounds (MSV-1569 / ALPS09008925)