Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Tag: angularjs Clear
ID Title
CVE-2026-54264 Information Disclosure in @angular/service-worker (CVE-2026-54264)
vulnerability in @angular/service-worker (CVE-2026-54264). Risk of unauthorized operations or information disclosure. Exploitable via ``Authorization``.
CVE-2026-54268 Vulnerability in @angular/common (CVE-2026-54268)
vulnerability in @angular/common (CVE-2026-54268). Risk of unauthorized operations or information disclosure. Exploitable via ``formatDate``.
CVE-2026-54266 Vulnerability in @angular/common (CVE-2026-54266)
vulnerability in @angular/common (CVE-2026-54266). Risk of unauthorized operations or information disclosure. Exploitable via ``HttpTransferCache``.
CVE-2026-54265 Cross-Site Scripting (XSS) in @angular/compiler (CVE-2026-54265)
cross-site scripting in @angular/compiler (CVE-2026-54265). Risk of unauthorized operations or information disclosure. Exploitable via ``innerHTML``.
CVE-2026-50557 Cross-Site Scripting (XSS) in @angular/core (CVE-2026-50557)
cross-site scripting in @angular/core (CVE-2026-50557). Risk of unauthorized operations or information disclosure.
CVE-2026-50556 Cross-Site Scripting (XSS) in @angular/platform-server (CVE-2026-50556)
cross-site scripting in @angular/platform-server (CVE-2026-50556). Risk of unauthorized operations or information disclosure. Exploitable via ``domino``.
CVE-2026-50555 Cross-Site Scripting (XSS) in @angular/platform-server (CVE-2026-50555)
cross-site scripting in @angular/platform-server (CVE-2026-50555). Risk of unauthorized operations or information disclosure. Exploitable via ``domino``.
CVE-2026-50184 Information Disclosure in @angular/service-worker (CVE-2026-50184)
vulnerability in @angular/service-worker (CVE-2026-50184). Risk of unauthorized operations or information disclosure. Exploitable via `Authorization header`.
CVE-2026-50171 Vulnerability in @angular/common (CVE-2026-50171)
vulnerability in @angular/common (CVE-2026-50171). Risk of unauthorized operations or information disclosure. Exploitable via ``formatNumber``. Mitigation: upgrade to `21.2.15` or later.
CVE-2026-50170 Vulnerability in @angular/common (CVE-2026-50170)
vulnerability in @angular/common (CVE-2026-50170). Confidential information can be exposed externally. Exploitable via ``HttpTransferCache``. Mitigation: upgrade to `21.2.15` or later.
CVE-2026-52725 Cross-Site Scripting (XSS) in @angular/core (CVE-2026-52725)
cross-site scripting in @angular/core (CVE-2026-52725). Risk of unauthorized operations or information disclosure. Exploitable via ``createComponent``. Mitigation: upgrade to `20.3.22` or later.
CVE-2026-50169 Information Disclosure in @angular/service-worker (CVE-2026-50169)
vulnerability in @angular/service-worker (CVE-2026-50169). Risk of unauthorized operations or information disclosure. Exploitable via ``Request``. Mitigation: upgrade to `21.2.15` or later.
CVE-2026-50168 Vulnerability in @angular/platform-server (CVE-2026-50168)
vulnerability in @angular/platform-server (CVE-2026-50168). Confidential information can be exposed externally. Exploitable via `Host header`. Mitigation: upgrade to `21.2.15` or later.
CVE-2026-54267 Cross-Site Scripting (XSS) in @angular/core (CVE-2026-54267)
cross-site scripting in @angular/core (CVE-2026-54267). Risk of unauthorized operations or information disclosure. Exploitable via ``HttpClient``.
CVE-2026-46417 SSRF (Server-Side Request Forgery) in @angular/platform-server (CVE-2026-46417)
SSRF in @angular/platform-server (CVE-2026-46417). Risk of unauthorized operations or information disclosure. Exploitable via ``ServerPlatformLocation``.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →