A vulnerability, which was classified as problematic , was found in DiceBear up to 9.3.x . Affected by this vulnerability is the function ensureSize of the component SVG Handler . Executing a manipulation can lead to allocation of resources. This vulnerability is tracked as CVE-2026-29112 . The attack can be launched remotely. No exploit exists. You should upgrade the affected component.