astro-mermaid is vulnerable to Cross-Site Scripting (XSS)
61
Medium Risk
The Astro Mermaid integration injects client-side script into built sites. Previously, icon packs could be executed via new Function built from serialized loader data, and Mermaid error handling interpolated error.message into innerHTML, allowing script or markup injection. Related paths embedded unsanitized JSON in inline scripts, had weak HAST attribute and tag handling, and allowed prototype pollution through mermaidConfig merging. The fix removes dynamic execution in favor of URL-based loading and fetch, uses safer DOM APIs and escaping, tightens serialization and allowlists, and rejects dangerous keys on config objects.
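As an added illustration (not astro-mermaid's own code), the following shows two of the hardening steps the advisory describes in plain JavaScript: rejecting dangerous keys when merging a user-supplied mermaidConfig, and escaping or using textContent instead of interpolating error.message into innerHTML. Function names and the sample inputs are assumptions constructed for this example.

```javascript
// Added example, not code from the astro-mermaid project.
// Keys that let a JSON config like {"__proto__":{"polluted":true}}
// reach Object.prototype when it is merged into defaults.
const FORBIDDEN_KEYS = new Set(["__proto__", "constructor", "prototype"]);

// Deep-merge `source` (user config) into `target` (defaults), throwing
// instead of silently walking into prototype-polluting keys.
function safeMergeConfig(target, source) {
  if (source === null || typeof source !== "object" || Array.isArray(source)) {
    throw new TypeError("config must be a plain object");
  }
  for (const key of Object.keys(source)) {
    if (FORBIDDEN_KEYS.has(key)) {
      throw new Error(`refusing dangerous config key: ${key}`);
    }
    const value = source[key];
    if (value && typeof value === "object" && !Array.isArray(value)) {
      const existing = target[key];
      const base = existing && typeof existing === "object" ? existing : {};
      target[key] = safeMergeConfig(base, value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Escape text that must be placed into markup, so an error message
// containing tags renders as literal text rather than as elements.
function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(text).replace(/[&<>"']/g, (c) => map[c]);
}

// Markup variant of the error panel: the message is escaped before
// interpolation, unlike the vulnerable innerHTML string concatenation.
function renderErrorMarkup(error) {
  return `<pre class="mermaid-error">${escapeHtml(error.message)}</pre>`;
}

// DOM variant, preferred when an element is at hand: textContent never
// parses its argument as HTML, so no escaping is needed at all.
function showError(container, error) {
  container.textContent = `Mermaid render error: ${error.message}`;
  return container.textContent;
}
```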
You are affected if you are using a version that falls within the vulnerable range.
astro-mermaid is vulnerable to Cross-Site Scripting (XSS) in versions 1.0.0 - 1.4.0.
Upgrade the astro-mermaid library to a patched version (later than 1.4.0).