VYPR

Angular

by Angular

npm: angular

CVEs (26)

  • CVE-2025-66035 | High | Nov 26, 2025
    risk 0.43 | cvss | epss 0.01

    Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is an XSRF token leakage via protocol-relative URLs in Angular HTTP clients. The vulnerability…

  • CVE-2026-54264 | High | Jun 15, 2026
    risk 0.39 | cvss | epss 0.00

    An information disclosure vulnerability exists in the `@angular/service-worker` package of the Angular framework. When the Service Worker fetches assets, it preserves metadata (such as headers) from the original request. However, on cross-origin redirects, the Service Worker…

  • CVE-2026-54268 | High | Jun 15, 2026
    risk 0.39 | cvss | epss 0.00

    A Denial of Service (DoS) vulnerability exists in the `@angular/common` package of the Angular framework. The `formatDate` function, which is also utilized by the standard Angular `DatePipe`, does not properly limit or validate the length of the `format` parameter. When…

  • CVE-2026-54266 | High | Jun 15, 2026
    risk 0.39 | cvss | epss 0.00

    Angular's `HttpTransferCache` caches HTTP requests made during Server-Side Rendering (SSR) so that they can be reused during client-side hydration. This avoids repeating the same HTTP requests on the client. The cached responses are stored in `TransferState` using a cache key…

  • CVE-2026-54267 | High | Jun 15, 2026
    risk 0.39 | cvss | epss 0.00

    To optimize client-side bootstrap in Server-Side Rendered (SSR) environments, Angular supports **Hydration** via `provideClientHydration()`. During SSR, Angular serializes the application's runtime state (such as cached `HttpClient` responses) and outputs it into the HTML stream…

  • CVE-2025-59052 | High | Sep 10, 2025
    risk 0.39 | cvss | epss 0.00

    Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Angular uses a DI container (the "platform injector") to hold request-specific state during server-side rendering. For historical reasons, the…

  • CVE-2026-50556 | High | Jun 15, 2026
    risk 0.38 | cvss | epss 0.00

    A Cross-Site Scripting (XSS) vulnerability exists in `@angular/platform-server`'s DOM emulation dependency (`domino`) when serializing the content of `` elements. When rendering dynamic text content inside a `` element via template bindings (such as `{{…

  • CVE-2026-50555 | High | Jun 15, 2026
    risk 0.38 | cvss | epss 0.00

    A Cross-Site Scripting (XSS) vulnerability exists in `@angular/platform-server`'s DOM emulation dependency (`domino`) when serializing the content of raw-text elements (such as ``, ``, and ``). `domino` supports escaping raw-text elements during…

  • CVE-2026-50171 | High | Jun 15, 2026
    risk 0.38 | cvss | epss 0.00

    A Denial of Service (DoS) vulnerability exists in the `@angular/common` package of Angular. The `formatNumber` function, which is also utilized by `DecimalPipe`, `PercentPipe`, and `CurrencyPipe`, does not properly validate the upper bounds of the `digitsInfo` parameter.…

  • CVE-2026-50170 | High | Jun 15, 2026
    risk 0.38 | cvss | epss 0.00

    A vulnerability was discovered in `@angular/common` when Server-Side Rendering (SSR) and hydration are enabled. The `HttpTransferCache` utility optimizes hydration by caching outgoing HTTP requests performed during SSR and transferring the cached state to the client-side…

  • CVE-2026-50168 | High | Jun 15, 2026
    risk 0.38 | cvss | epss 0.00

    An issue in the `@angular/platform-server` package allows remote attackers to bypass host allowlist constraints and direct server-side outgoing requests to arbitrary external endpoints. This occurs due to a parser differential between the strict WHATWG URL parser used for…

  • CVE-2026-46417 | High | May 19, 2026
    risk 0.38 | cvss | epss 0.00

    A Server-Side Request Forgery (SSRF) vulnerability exists in `@angular/platform-server`. The issue stems from how the server-side rendering (SSR) engine processes the request URL provided to the rendering entry points. When an absolute-form URL (e.g.,…

  • CVE-2026-22610 | Medium | Jan 10, 2026
    risk 0.33 | cvss 6.1 | epss 0.00

    Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, a cross-site scripting (XSS) vulnerability has been identified in the Angular Template…

  • CVE-2025-66412 | Medium | Dec 1, 2025
    risk 0.28 | cvss 5.4 | epss 0.00

    Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, a Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It…

  • CVE-2025-4690 | Medium | Aug 19, 2025
    risk 0.28 | cvss 4.3 | epss 0.00

    A regular expression used by AngularJS' `linky` (https://docs.angularjs.org/api/ngSanitize/filter/linky) filter to detect URLs in input text is vulnerable to super-linear runtime due to backtracking. With a large carefully-crafted input, this can cause a Regular expression…

  • CVE-2026-41423 | Medium | May 8, 2026
    risk 0.27 | cvss 5.3 | epss 0.00

    Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.21, 20.3.19, 21.2.9, and 22.0.0-next.8, a Server-Side Request Forgery (SSRF) vulnerability exists in…

  • CVE-2026-11998 | Jun 24, 2026
    risk 0.00 | cvss | epss 0.00

    A flaw in AngularJS' Strict Contextual Escaping (SCE) logic allows bypassing certain SCE policies for resource URLs and can lead to arbitrary JavaScript execution within the context of the victim's browser session. SCE's purpose is to ensure that only trusted or safe values…

  • CVE-2026-54265 | Jun 15, 2026
    risk 0.00 | cvss | epss 0.00

    An issue in the `@angular/compiler` package allows bypassing DOM property sanitization through the use of two-way property bindings. Specifically, when a native DOM property that requires sanitization (such as `innerHTML`, `srcdoc`, `src`, `href`, `data`, or `sandbox`) is bound…

  • CVE-2026-50557 | Jun 15, 2026
    risk 0.00 | cvss | epss 0.00

    An issue in the `@angular/compiler` and `@angular/core` packages allows bypassing element and attribute sanitization/validation through specific namespace workarounds. Specifically, namespaced script elements (e.g., `<svg:script>` or `<:svg:script>`) were not properly…

  • CVE-2026-50184 | Jun 15, 2026
    risk 0.00 | cvss | epss 0.00

    An issue in the `@angular/service-worker` package compromises the integrity of request-policy enforcement during request reconstruction. When the Angular Service Worker intercepts network requests for matched assets, it reconstructs a new `Request` object using an internal…

Page 1 of 2