cross-site scripting in symfony/html-sanitizer (CVE-2026-48761). Risk of unauthorized operations or information disclosure. Exploitable via ``content``. Mitigation: upgrade to `8.0.13` or later.
vulnerability in @angular/service-worker (CVE-2026-50169). Risk of unauthorized operations or information disclosure. Exploitable via ``Request``. Mitigation: upgrade to `21.2.15` or later.
vulnerability in @angular/platform-server (CVE-2026-50168). Confidential information can be exposed externally. Exploitable via `Host header`. Mitigation: upgrade to `21.2.15` or later.
vulnerability in ws (CVE-2026-48779). Risk of unauthorized operations or information disclosure. Exploitable via ``maxPayload``. Mitigation: upgrade to `8.21.0` or later.
vulnerability in webpack-dev-server (CVE-2026-9595). Risk of unauthorized operations or information disclosure. Exploitable via ``Origin``. Mitigation: upgrade to `5.2.5` or later.