{"vulnerability": "CVE-2026-41148", "sightings": [{"uuid": "b28b8131-3ab3-4edc-b4ec-ab77d56fe6a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41148", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmihrnd37y2n", "content": "CVE-2026-41148 - Mermaid: Improper sanitization of `classDefs` in diagrams leads to CSS injection\nCVE ID : CVE-2026-41148\n \n Published : May 22, 2026, 10:03 p.m. | 2\u00a0hours, 26\u00a0minutes ago\n \n Description : Mermaid is a JavaScript tool that uses Markdown-inspired text to create ...", "creation_timestamp": "2026-05-23T03:06:41.748027Z"}, {"uuid": "6434fc28-0242-4efb-974f-a9ac2af4c94e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41148", "type": "published-proof-of-concept", "source": "https://github.com/mermaid-js/mermaid/security/advisories/GHSA-xcj9-5m2h-648r", "content": "", "creation_timestamp": "2026-05-11T17:37:06.000000Z"}]}