CVE-2026-33311
Received Received - Intake
Cross-Site Scripting in DiceBear Avatar SVG Attribute Handling

Publication date: 2026-03-24

Last updated on: 2026-03-24

Assigner: GitHub, Inc.

Description
DiceBear is an avatar library for designers and developers. Starting in version 5.0.0 and prior to versions 5.4.4, 6.1.4, 7.1.4, 8.0.3, and 9.4.1, SVG attribute values derived from user-supplied options (`backgroundColor`, `fontFamily`, `textColor`) were not XML-escaped before interpolation into SVG output. This could allow Cross-Site Scripting (XSS) when applications pass untrusted input to `createAvatar()` and serve the resulting SVG inline or with `Content-Type: image/svg+xml`. Starting in versions 5.4.4, 6.1.4, 7.1.4, 8.0.3, and 9.4.1, all affected SVG attribute values are properly escaped using XML entity encoding. Users should upgrade to the listed patched versions. Some mitigating factors limit vulnerability. Applications that validate input against the library's JSON Schema before passing it to `createAvatar()` are not affected. The DiceBear CLI validates input via AJV and was not vulnerable. Exploitation requires that an application passes untrusted, unvalidated external input directly as option values.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-24
Last Modified
2026-03-24
Generated
2026-06-16
AI Q&A
2026-03-24
EPSS Evaluated
2026-06-15
NVD
CVE-2026-33311
EUVD
EUVD-2026-14182
Affected Vendors & Products
Showing 5 associated CPEs
Vendor Product Version / Range
dicebear dicebear From 5.0.0 (inc) to 5.4.4 (exc)
dicebear dicebear From 6.0.0 (inc) to 6.1.4 (exc)
dicebear dicebear From 7.0.0 (inc) to 7.1.4 (exc)
dicebear dicebear From 8.0.0 (inc) to 8.0.3 (exc)
dicebear dicebear From 9.0.0 (inc) to 9.4.1 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-33311 is a moderate severity vulnerability in the DiceBear avatar library affecting certain versions of the @dicebear/core and @dicebear/initials npm packages. The issue arises because some SVG attribute values derived from user-supplied optionsβ€”specifically backgroundColor, fontFamily, and textColorβ€”were not properly XML-escaped before being inserted into the SVG output. This improper escaping allows an attacker to perform Cross-Site Scripting (XSS) attacks if an application passes untrusted, unvalidated input directly to the createAvatar() function and serves the resulting SVG inline or with the Content-Type set to image/svg+xml.

The vulnerability affects multiple version ranges starting from 5.0.0 up to certain patched versions (5.4.4, 6.1.4, 7.1.4, 8.0.3, and 9.4.1) where the issue has been fixed by properly escaping all affected SVG attribute values using XML entity encoding.

Applications that validate input against the library’s JSON Schema before passing options to createAvatar() or use the DiceBear CLI (which validates input via AJV) are not vulnerable.

Impact Analysis

[{'type': 'paragraph', 'content': "This vulnerability can lead to Cross-Site Scripting (XSS) attacks, where malicious scripts can be injected into SVG images generated by the DiceBear library. If an application passes untrusted input directly to the createAvatar() function and serves the SVG inline or with the image/svg+xml content type, an attacker could execute arbitrary scripts in the context of the victim's browser."}, {'type': 'paragraph', 'content': 'The impact includes potential compromise of user confidentiality and integrity, such as stealing sensitive information or manipulating the content displayed to users. However, the CVSS score indicates the impact is moderate with low confidentiality and integrity impact, no availability impact, and requires user interaction and high attack complexity.'}] [1]

Compliance Impact

I don't know

Detection Guidance

This vulnerability involves unsanitized user-supplied options passed to the createAvatar() function in DiceBear avatar library versions prior to patched releases. Detection involves identifying if your application uses affected versions of @dicebear/core or @dicebear/initials and whether it passes untrusted input directly to createAvatar() without validation.

There are no specific commands provided in the resources to detect this vulnerability on your network or system.

A practical approach is to check your package.json or lock files for vulnerable DiceBear package versions and audit your code for usage of createAvatar() with unvalidated external input.

Mitigation Strategies

The primary mitigation is to upgrade the DiceBear packages @dicebear/core and @dicebear/initials to the patched versions: 5.4.4, 6.1.4, 7.1.4, 8.0.3, or 9.4.1 or later.

Additionally, ensure that any input passed to createAvatar() is validated against the library’s JSON Schema before use, as this validation prevents the vulnerability.

If upgrading immediately is not possible, avoid passing untrusted or unvalidated external input directly to createAvatar(), and consider serving SVGs in a way that does not allow inline execution or with safer content types.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-33311. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart