Report: Essential Guide: CVE-2026-33418 - @dicebear/converter ensureSize() Vulnerable to SVG Dimension Capping Bypass via ...

CVE ID: CVE-2026-33418

Published: March 24, 2026, 1:25 p.m.

Description: DiceBear is an avatar library for designers and developers. Prior to version 9.4.2, the `ensureSize()` function in `@dicebear/converter` used a regex-based approach to rewrite SVG `width`/`height` attributes, capping them at 2048px to prevent denial of service. This size capping could be bypassed by crafting SVG input that causes the regex to match a non-functional occurrence of `

Severity: 0.0 | NA

CVE Details

Published
March 24, 2026
Impact: denial of service