CVE-2026-33311
Cross-Site Scripting in DiceBear Avatar SVG Attribute Handling
Publication date: 2026-03-24
Last updated on: 2026-03-24
Assigner: GitHub, Inc.
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dicebear | dicebear | From 5.0.0 (inc) to 5.4.4 (exc) |
| dicebear | dicebear | From 6.0.0 (inc) to 6.1.4 (exc) |
| dicebear | dicebear | From 7.0.0 (inc) to 7.1.4 (exc) |
| dicebear | dicebear | From 8.0.0 (inc) to 8.0.3 (exc) |
| dicebear | dicebear | From 9.0.0 (inc) to 9.4.1 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-33311 is a moderate severity vulnerability in the DiceBear avatar library affecting certain versions of the @dicebear/core and @dicebear/initials npm packages. The issue arises because some SVG attribute values derived from user-supplied options (specifically backgroundColor, fontFamily, and textColor) were not properly XML-escaped before being inserted into the SVG output. This missing escaping allows an attacker to perform Cross-Site Scripting (XSS) attacks if an application passes untrusted, unvalidated input directly to the createAvatar() function and serves the resulting SVG inline or with the Content-Type set to image/svg+xml.
The vulnerability affects multiple version ranges starting from 5.0.0 up to certain patched versions (5.4.4, 6.1.4, 7.1.4, 8.0.3, and 9.4.1) where the issue has been fixed by properly escaping all affected SVG attribute values using XML entity encoding.
Applications that validate input against the library's JSON Schema before passing options to createAvatar(), or that use the DiceBear CLI (which validates input via AJV), are not vulnerable.
How can this vulnerability impact me?
This vulnerability can lead to Cross-Site Scripting (XSS) attacks, where malicious scripts can be injected into SVG images generated by the DiceBear library. If an application passes untrusted input directly to the createAvatar() function and serves the SVG inline or with the image/svg+xml content type, an attacker could execute arbitrary scripts in the context of the victim's browser.
The impact includes potential compromise of user confidentiality and integrity, such as stealing sensitive information or manipulating the content displayed to users. However, the CVSS score indicates the impact is moderate, with low confidentiality and integrity impact, no availability impact, and a requirement for user interaction and high attack complexity. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves unsanitized user-supplied options passed to the createAvatar() function in DiceBear avatar library versions prior to patched releases. Detection involves identifying if your application uses affected versions of @dicebear/core or @dicebear/initials and whether it passes untrusted input directly to createAvatar() without validation.
There are no specific commands provided in the resources to detect this vulnerability on your network or system.
A practical approach is to check your package.json or lock files for vulnerable DiceBear package versions and audit your code for usage of createAvatar() with unvalidated external input.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation is to upgrade the DiceBear packages @dicebear/core and @dicebear/initials to the patched versions: 5.4.4, 6.1.4, 7.1.4, 8.0.3, or 9.4.1 or later.
Additionally, ensure that any input passed to createAvatar() is validated against the library's JSON Schema before use, as this validation prevents the vulnerability.
If upgrading immediately is not possible, avoid passing untrusted or unvalidated external input directly to createAvatar(), and consider serving SVGs in a way that does not allow inline execution or with safer content types.
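The defect class described above (option values copied into SVG attributes without XML escaping) and the two defenses listed under mitigation (escaping the values, and validating options before rendering) side by side, as an added example that is not DiceBear's own code. The buildInitialsSvg* functions are hypothetical stand-ins for createAvatar(), and the assumed option formats (6-digit hex colors without '#', plain font names) are assumptions, not the library's actual schema.

```javascript
// Added example, not DiceBear's code. Models the CVE-2026-33311 defect class:
// option values interpolated into SVG attributes, unescaped vs. escaped, plus an
// allowlist validator standing in for the library's JSON Schema check.

// Minimal XML escaper for attribute and text content.
function escapeXml(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Hypothetical initials-style template; attribute names mirror the affected options.
function svgTemplate(bg, font, color, text) {
  return '<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 100 100">' +
    `<rect width="100" height="100" fill="#${bg}"/>` +
    `<text x="50" y="60" text-anchor="middle" font-family="${font}" fill="#${color}">${text}</text>` +
    '</svg>';
}

// Vulnerable shape: raw interpolation of option values into attributes.
function buildInitialsSvgUnsafe(opts) {
  return svgTemplate(opts.backgroundColor, opts.fontFamily, opts.textColor, opts.seed);
}

// Fixed shape: every value is XML-escaped before it reaches the markup.
function buildInitialsSvgSafe(opts) {
  return svgTemplate(escapeXml(opts.backgroundColor), escapeXml(opts.fontFamily),
                     escapeXml(opts.textColor), escapeXml(opts.seed));
}

// Allowlist validation (assumed formats, not DiceBear's real schema). Returns the
// names of offending options; an empty array means the input may be passed on.
const HEX_COLOR = /^[0-9a-fA-F]{6}$/;
const FONT_FAMILY = /^[A-Za-z0-9 ,-]{1,64}$/;
function validateOptions(opts) {
  const bad = [];
  for (const key of ['backgroundColor', 'textColor']) {
    if (opts[key] !== undefined && !HEX_COLOR.test(opts[key])) bad.push(key);
  }
  if (opts.fontFamily !== undefined && !FONT_FAMILY.test(opts.fontFamily)) bad.push('fontFamily');
  return bad;
}

// Constructed untrusted input: a color that closes the attribute early and
// smuggles an extra (harmless) attribute into the <rect> element.
const untrusted = { seed: 'AB', backgroundColor: 'ff0000" data-injected="1',
                    fontFamily: 'Arial', textColor: '000000' };
```

Run validateOptions() before rendering and reject any non-empty result; the escaper is the in-library fix, the validator is the application-side guard the advisory says makes callers non-vulnerable.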