VYPR
Unrated severity · NVD Advisory · Published Jun 22, 2026

Angular: Multiple Remote Code Execution Vulnerabilities in Angular Language Service VS Code Extension

CVE-2026-49241

Description

The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. Prior to 21.2.4, the client-side Angular Language Service VS Code extension reads the custom TypeScript SDK paths typescript.tsdk and js/ts.tsdk.path directly from workspace configurations (.vscode/settings.json) without verifying VS Code Workspace Trust state or asking for user consent (located in client/src/client.ts). The client-side extension then passes the parsed settings path as a command-line argument (--tsdk) to the background Node.js language server process. During server initialization, the background language server resolves and dynamically imports (via standard Node.js require()) the module library tsserverlibrary.js relative to the workspace-specified custom directory path. An attacker can exploit this behavior by committing a repository containing a local malicious tsserverlibrary.js script inside a custom folder, and a crafted .vscode/settings.json file pointing to that folder. When a developer opens the repository folder in VS Code, the extension automatically attempts to initialize and load the server, which dynamically resolves, loads, and executes the malicious script silently in the background. This vulnerability is fixed in 21.2.4.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability mechanics

Root cause

"The extension reads custom TypeScript SDK paths from workspace settings without verifying Workspace Trust, then passes the path to the language server which dynamically imports and executes the specified module."

Attack vector

An attacker commits a repository containing a malicious `tsserverlibrary.js` inside a custom folder and a crafted `.vscode/settings.json` pointing to that folder. When a developer opens the repository in VS Code, the extension automatically spawns the language server, which dynamically loads and executes the malicious script via Node.js `require()`, achieving zero-click remote code execution [ref_id=1]. This bypasses VS Code's Workspace Trust (Restricted Mode) security model.

Affected code

The client-side extension in `client/src/client.ts` reads `typescript.tsdk` and `js/ts.tsdk.path` from workspace `.vscode/settings.json` without verifying VS Code Workspace Trust or asking for user consent. The path is passed as `--tsdk` to the background language server, which dynamically `require()`s `tsserverlibrary.js` from that directory.

What the fix does

The fix in version 21.2.4 hardens `typescript.tsdk` configuration loading by prompting for user confirmation (PR #68857) and disables the language server in untrusted workspaces (PR #68886) [ref_id=1]. These changes prevent automatic loading of a workspace-specified TypeScript SDK path without explicit user consent, closing the dynamic library loading attack vector.
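The following TypeScript is an added illustration, not code from the Angular Language Service extension or its fix PRs. It models the two gates the advisory attributes to 21.2.4 as a pure decision function (`decideTsdk`: no language server in an untrusted workspace, and a workspace-supplied `typescript.tsdk` is only passed as `--tsdk` after explicit user consent), and adds a repository-side check (`findWorkspaceTsdk`) that flags settings whose SDK path resolves inside the checked-out workspace, which is the shape of the malicious configuration described above. The function names, the `SAMPLE_SETTINGS_JSON` input and the `/home/dev/repo` root are constructed for this example; in a real extension `isTrusted` would come from `vscode.workspace.isTrusted` and `userConfirmed` from a confirmation prompt.

```typescript
// Added example (not the extension's own code): hardened tsdk handling plus a
// repo-side detection check for workspace-relative typescript.tsdk paths.
import * as path from "node:path";

// Workspace-level settings keys the advisory names as the source of the custom SDK path.
const TSDK_SETTING_KEYS = ["typescript.tsdk", "js/ts.tsdk.path"] as const;

interface TsdkDecisionInput {
  workspaceTsdk: string | undefined; // value read from .vscode/settings.json, if any
  isTrusted: boolean;                // Workspace Trust state (vscode.workspace.isTrusted in practice)
  userConfirmed: boolean;            // result of an explicit consent prompt (assumption: already asked)
}

interface TsdkDecision {
  tsdkArg: string | undefined; // value for --tsdk, or undefined to use the bundled TypeScript
  startServer: boolean;        // whether the background language server should be spawned at all
  reason: string;
}

// Gate modelled on the fix: untrusted workspace => no server; workspace tsdk => consent required.
function decideTsdk(input: TsdkDecisionInput): TsdkDecision {
  if (!input.isTrusted) {
    return { tsdkArg: undefined, startServer: false, reason: "untrusted workspace: language server disabled" };
  }
  if (input.workspaceTsdk === undefined) {
    return { tsdkArg: undefined, startServer: true, reason: "no workspace tsdk: using bundled TypeScript" };
  }
  if (!input.userConfirmed) {
    return { tsdkArg: undefined, startServer: true, reason: "workspace tsdk declined: using bundled TypeScript" };
  }
  return { tsdkArg: input.workspaceTsdk, startServer: true, reason: "workspace tsdk accepted by user" };
}

interface TsdkFinding {
  key: string;
  value: string;
  insideWorkspace: boolean; // true when the SDK directory lives inside the repository itself
}

// Repo-side check: parse a settings.json and report every tsdk entry, marking those that
// resolve inside the workspace root. Assumption: relative paths resolve against the root.
// Note: real settings.json files may contain comments (JSONC); this sample is plain JSON.
function findWorkspaceTsdk(settingsJson: string, workspaceRoot: string): TsdkFinding[] {
  const settings = JSON.parse(settingsJson) as Record<string, unknown>;
  const root = path.resolve(workspaceRoot);
  const findings: TsdkFinding[] = [];
  for (const key of TSDK_SETTING_KEYS) {
    const value = settings[key];
    if (typeof value !== "string") continue;
    const resolved = path.resolve(root, value);
    const rel = path.relative(root, resolved);
    const inside = rel === "" || (!rel.startsWith("..") && !path.isAbsolute(rel));
    findings.push({ key, value, insideWorkspace: inside });
  }
  return findings;
}

// Constructed sample: one entry points into the repo (suspicious), one at a system install.
const SAMPLE_SETTINGS_JSON = JSON.stringify({
  "typescript.tsdk": "./tools/tsdk/lib",
  "js/ts.tsdk.path": "/usr/lib/node_modules/typescript/lib",
});

for (const f of findWorkspaceTsdk(SAMPLE_SETTINGS_JSON, "/home/dev/repo")) {
  const flag = f.insideWorkspace ? "REVIEW: SDK path inside workspace" : "ok";
  console.log(`${f.key} = ${f.value} [${flag}]`);
}
console.log(decideTsdk({ workspaceTsdk: "./tools/tsdk/lib", isTrusted: false, userConfirmed: true }).reason);
```

The `insideWorkspace` flag is a review signal, not proof of malice: a legitimate monorepo can vendor its own TypeScript, which is exactly why the fix asks the user rather than refusing outright.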

Preconditions

  • The victim must have the Angular Language Service extension (Angular.ng-template) version prior to 21.2.4 installed and active.
  • The victim must open a repository folder containing a malicious .vscode/settings.json and a malicious tsserverlibrary.js.
  • The extension must automatically initialize and spawn the background language server upon opening the folder.

Generated on Jun 23, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
