CVE-2026-33418
Received Received - Intake
Regex Bypass in DiceBear SVG Parsing Causes DoS via OOM

Publication date: 2026-03-24

Last updated on: 2026-03-24

Assigner: GitHub, Inc.

Description
DiceBear is an avatar library for designers and developers. Prior to version 9.4.2, the `ensureSize()` function in `@dicebear/converter` used a regex-based approach to rewrite SVG `width`/`height` attributes, capping them at 2048px to prevent denial of service. This size capping could be bypassed by crafting SVG input that causes the regex to match a non-functional occurrence of `<svg` before the actual SVG root element. When the SVG is subsequently rendered via `@resvg/resvg-js` on the Node.js code path, it renders at the attacker-specified dimensions, potentially causing out-of-memory crashes. In version 9.4.2, the regex-based approach has been replaced with XML-aware processing using `fast-xml-parser` to correctly identify and modify the SVG root element's attributes. Additionally, a `fitTo` constraint has been added to the `renderAsync` call as defense-in-depth, ensuring the rendered output is always bounded regardless of SVG content.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-24
Last Modified
2026-03-24
Generated
2026-06-16
AI Q&A
2026-03-24
EPSS Evaluated
2026-06-15
NVD
CVE-2026-33418
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
dicebear dicebear to 9.4.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-185 The product specifies a regular expression in a way that causes data to be improperly matched or compared.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-33418 is a high-severity vulnerability in the npm package @dicebear/converter affecting versions up to 9.4.1. The issue is in the ensureSize() function, which uses a regex-based method to rewrite SVG width and height attributes, capping them at 2048 pixels to prevent denial of service attacks caused by excessive resource consumption.

The vulnerability arises because the regex does not correctly identify the actual SVG root element and can be tricked by crafted SVG input containing a decoy <svg tag inside an XML comment before the real root element. This causes the regex to match the wrong tag, leaving the real SVG dimensions unchecked.

When such malicious SVG is rendered on the Node.js code path using @resvg/resvg-js’s renderAsync function, which lacks proper size constraints, it renders at attacker-specified dimensions. This can lead to excessive memory allocation, potentially causing out-of-memory crashes and denial of service.

The vulnerability was fixed in version 9.4.2 by replacing the regex-based approach with XML-aware processing using fast-xml-parser and adding a fitTo constraint to ensure rendered output dimensions are always bounded.

Impact Analysis

This vulnerability can impact you by causing denial of service (DoS) conditions in applications that process untrusted or user-supplied SVG content using @dicebear/converter’s Node.js conversion functions.

An attacker can craft malicious SVG input that bypasses size restrictions, causing the rendering process to consume excessive memory and potentially crash the application due to out-of-memory errors.

The impact is limited to availability, meaning it does not compromise confidentiality or integrity but can disrupt service availability.

Any application using @dicebear/converter independently of DiceBear’s avatar generation and processing SVG input is at risk.

Compliance Impact

I don't know

Detection Guidance

This vulnerability affects applications using the @dicebear/converter package versions up to 9.4.1 that process untrusted or user-supplied SVG content on the Node.js code path. Detection involves identifying if your system uses a vulnerable version of @dicebear/converter and whether it processes SVG inputs through the affected functions (toPng, toJpeg, toWebp, toAvif).

Since the vulnerability is triggered by crafted SVG inputs containing a decoy <svg tag inside XML comments before the actual root element, monitoring for such SVG payloads in your input data could help detect exploitation attempts.

To detect vulnerable versions, you can run commands to check installed package versions, for example:

  • npm list @dicebear/converter
  • yarn list --pattern @dicebear/converter

Additionally, you can scan logs or network traffic for SVG inputs containing suspicious patterns such as XML comments with <svg tags before the root element.

Mitigation Strategies

The primary mitigation is to upgrade the @dicebear/converter package to version 9.4.2 or later, where the vulnerability is fixed by replacing the regex-based SVG size capping with XML-aware processing and adding a fitTo constraint to the renderAsync call.

If upgrading immediately is not possible, consider restricting or sanitizing untrusted SVG inputs to prevent maliciously crafted SVGs from being processed.

Also, monitor your application for unusual memory usage or crashes that could indicate exploitation attempts.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-33418. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart