diff --git a/package.json b/package.json
index fad00bef53..2a9cc920d0 100644
--- a/package.json
+++ b/package.json
@@ -52,7 +52,7 @@
 "classnames": "^2.2.6",
 "d3": "^3.5.17",
 "debug": "^3.2.7",
- "dompurify": "^2.0.17",
+ "dompurify": "^3.4.0",
 "elliptic": "^6.6.0",
 "font-awesome": "^4.7.0",
 "history": "^4.10.1",
@@ -105,6 +105,7 @@
 "babel-plugin-istanbul": "^6.1.1",
 "babel-plugin-transform-builtin-extend": "^1.1.2",
 "copy-webpack-plugin": "^13.0.1",
+ "core-js": "^2.6.12",
 "css-loader": "^7.1.4",
 "cypress": "^11.2.0",
 "dayjs": "^1.11.9",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index ba5adae8fb..73ce5c21e3 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -45,8 +45,8 @@ importers: specifier: ^3.2.7 version: 3.2.7(supports-color@8.1.1) dompurify: - specifier: ^2.0.17 - version: 2.5.8 + specifier: ^3.4.0 + version: 3.4.7 elliptic: specifier: ^6.6.0 version: 6.6.1 @@ -198,6 +198,9 @@ importers: copy-webpack-plugin: specifier: ^13.0.1 version: 13.0.1(webpack@5.105.3) + core-js: + specifier: ^2.6.12 + version: 2.6.12 css-loader: specifier: ^7.1.4 version: 7.1.4(webpack@5.105.3) @@ -377,8 +380,8 @@ importers: specifier: ^3.1.0 version: 3.2.7(supports-color@8.1.1) dompurify: - specifier: ^2.0.7 - version: 2.5.8 + specifier: ^3.4.0 + version: 3.4.7 font-awesome: specifier: ^4.7.0 version: 4.7.0 @@ -455,9 +458,6 @@ importers: '@types/debug': specifier: ^4.1.5 version: 4.1.12 - '@types/dompurify': - specifier: ^2.0.4 - version: 2.4.0 '@types/enzyme': specifier: ^3.10.8 version: 3.10.19 @@ -2136,9 +2136,6 @@ packages: '@types/debug@4.1.12': resolution: {integrity: sha512-vIChWdVG3LG1SMxEvI/AK+FWJthlrqlTu7fbrlywTkkaONwk/UAGaULXRlf8vkzFBLVm0zkMdCquhL5aOjhXPQ==} - '@types/dompurify@2.4.0': - resolution: {integrity: sha512-IDBwO5IZhrKvHFUl+clZxgf3hn2b/lU6H1KaBShPkQyGJUQ0xwebezIPSuiyGwfz1UzJWQl4M7BDxtHtCCPlTg==} - '@types/enzyme@3.10.19': resolution: {integrity: sha512-kIfCo6/DdpgCHgmrLgPTugjzbZ46BUK8S2IP0kYo8+62LD2l1k8mSVsc+zQYNTdjDRoh2E9Spxu6F1NnEiW38Q==}
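Review bot: The `core-js` entry added in the second package.json hunk pins the 2.x line (`^2.6.12`), which upstream has marked as no longer maintained, and nothing in the commit says why a DOMPurify upgrade needs it. If it is there to satisfy an implicit import from an older polyfill setup, say so in the commit description; otherwise consider whether the code that needs it can move to core-js 3. The entry sits among what look like build-time packages, so confirm it is not pulled into the shipped bundle.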
@@ -3923,8 +3920,8 @@ packages: resolution: {integrity: sha512-cgwlv/1iFQiFnU96XXgROh8xTeetsnJiDsTc7TYCLFd9+/WNkIqPTxiM/8pSd8VIrhXGTf1Ny1q1hquVqDJB5w==} engines: {node: '>= 4'} - dompurify@2.5.8: - resolution: {integrity: sha512-o1vSNgrmYMQObbSSvF/1brBYEQPHhV1+gsmrusO7/GXtp1T9rCS8cXFqVxK/9crT1jA6Ccv+5MTSjBNqr7Sovw==} + dompurify@3.4.7: + resolution: {integrity: sha512-2jBxDJY4RR06tQNy4w5FlFH7kfxsQZlufd0sbv+chfHCxeJwrFw2baUDsSwvBISD4K4RDbd0PTfy3uNXsR6siA==} domutils@2.8.0: resolution: {integrity: sha512-w96Cjofp72M5IIhpjgobBimYEfoPjx1Vx0BSX9P30WBdZW2WIKU0T1Bd0kz2eNZ9ikjKgHbEyKx8BB6H1L3h3A==} @@ -10886,10 +10883,6 @@ snapshots: dependencies: '@types/ms': 2.1.0 - '@types/dompurify@2.4.0': - dependencies: - '@types/trusted-types': 2.0.7 - '@types/enzyme@3.10.19': dependencies: '@types/cheerio': 0.22.35 @@ -11084,7 +11077,8 @@ snapshots: '@types/triple-beam@1.3.5': {} - '@types/trusted-types@2.0.7': {} + '@types/trusted-types@2.0.7': + optional: true '@types/ws@8.18.1': dependencies: @@ -12949,7 +12943,9 @@ snapshots: dependencies: domelementtype: 2.3.0 - dompurify@2.5.8: {} + dompurify@3.4.7: + optionalDependencies: + '@types/trusted-types': 2.0.7 domutils@2.8.0: dependencies:
diff --git a/viz-lib/package.json b/viz-lib/package.json
index 80acffe80a..c9e6b6c63c 100644
--- a/viz-lib/package.json
+++ b/viz-lib/package.json
@@ -41,7 +41,6 @@
 "@types/d3": "^6.2.0",
 "@types/d3-cloud": "^1.2.3",
 "@types/debug": "^4.1.5",
- "@types/dompurify": "^2.0.4",
 "@types/enzyme": "^3.10.8",
 "@types/jest": "^26.0.18",
 "@types/leaflet": "^1.5.19",
@@ -86,7 +85,7 @@
 "d3": "^3.5.17",
 "d3-cloud": "^1.2.4",
 "debug": "^3.1.0",
- "dompurify": "^2.0.7",
+ "dompurify": "^3.4.0",
 "font-awesome": "^4.7.0",
 "hoist-non-react-statics": "^3.3.0",
 "leaflet": "~1.3.1",
diff --git a/viz-lib/src/services/sanitize.ts b/viz-lib/src/services/sanitize.ts
index 47521ba408..ab4670dc58 100644
--- a/viz-lib/src/services/sanitize.ts
+++ b/viz-lib/src/services/sanitize.ts
@@ -20,4 +20,10 @@ DOMPurify.addHook("afterSanitizeAttributes", function(node) {
 export { DOMPurify };
-export default DOMPurify.sanitize;
+// DOMPurify 3 returns TrustedHTML | string; annotate so declaration emit stays portable.
+const sanitize = DOMPurify.sanitize as (
+ dirty: string | Node,
+ cfg?: DOMPurify.Config
+) => string;
+
+export default sanitize;
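Review bot: The `as (dirty, cfg?) => string` assertion at the end of this hunk accepts any `DOMPurify.Config`, so a caller that passes `RETURN_DOM`, `RETURN_DOM_FRAGMENT` or `RETURN_TRUSTED_TYPE` gets a node or TrustedHTML back while the type still says `string`. Because this is the module's default sanitizer export, that mismatch would go unnoticed at call sites that treat the result as sanitized markup text. I would narrow the parameter rather than widen the promise, e.g. `cfg?: Omit<DOMPurify.Config, "RETURN_DOM" | "RETURN_DOM_FRAGMENT" | "RETURN_TRUSTED_TYPE">`. The commit also moves the sanitizer across a major version with no test visible in the diff; a few fixed-input assertions on the output of `sanitize`, covering the `afterSanitizeAttributes` hook whose body is outside this hunk, would catch a change in default stripping behaviour.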