VYPR
Vendor: Angular

Products: 5
CVEs: 41
Across products: 41
Status: Private

Recent CVEs

  • CVE-2026-27739 | Critical | Feb 25, 2026
    risk 0.53 | cvss | epss 0.01

    The Angular SSR is a server-side rendering tool for Angular applications. Versions prior to 21.2.0-rc.1, 21.1.5, 20.3.17, and 19.2.21 have a Server-Side Request Forgery (SSRF) vulnerability in the Angular SSR request handling pipeline. The vulnerability exists because…

  • CVE-2026-32635 | Critical | Mar 16, 2026
    risk 0.52 | cvss 9.0 | epss 0.00

    Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-next.3, 21.2.4, 20.3.18, and 19.2.20, a Cross-Site Scripting (XSS) vulnerability has been identified in the Angular runtime and…

  • CVE-2025-62427 | High | Oct 16, 2025
    risk 0.50 | cvss | epss 0.00

    The Angular SSR is a server-side rendering tool for Angular applications. The vulnerability is a Server-Side Request Forgery (SSRF) flaw within the URL resolution mechanism of Angular's Server-Side Rendering package (@angular/ssr) before 19.2.18, 20.3.6, and 21.0.0-next.8. The…

  • CVE-2025-66035 | High | Nov 26, 2025
    risk 0.43 | cvss | epss 0.01

    Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is an XSRF token leakage via protocol-relative URLs in Angular HTTP clients. The vulnerability…

  • CVE-2026-54264 | High | Jun 15, 2026
    risk 0.39 | cvss | epss 0.00

    An information disclosure vulnerability exists in the `@angular/service-worker` package of the Angular framework. When the Service Worker fetches assets, it preserves metadata (such as headers) from the original request. However, on cross-origin redirects, the Service Worker…

  • CVE-2026-54268 | High | Jun 15, 2026
    risk 0.39 | cvss | epss 0.00

    A Denial of Service (DoS) vulnerability exists in the `@angular/common` package of the Angular framework. The `formatDate` function, which is also utilized by the standard Angular `DatePipe`, does not properly limit or validate the length of the `format` parameter. When…

  • CVE-2026-54266 | High | Jun 15, 2026
    risk 0.39 | cvss | epss 0.00

    Angular's `HttpTransferCache` caches HTTP requests made during Server-Side Rendering (SSR) so that they can be reused during client-side hydration. This avoids repeating the same HTTP requests on the client. The cached responses are stored in `TransferState` using a cache key…

  • CVE-2026-54267 | High | Jun 15, 2026
    risk 0.39 | cvss | epss 0.00

    To optimize client-side bootstrap in Server-Side Rendered (SSR) environments, Angular supports **Hydration** via `provideClientHydration()`. During SSR, Angular serializes the application's runtime state (such as cached `HttpClient` responses) and outputs it into the HTML stream…

  • CVE-2025-59052 | High | Sep 10, 2025
    risk 0.39 | cvss | epss 0.00

    Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Angular uses a DI container (the "platform injector") to hold request-specific state during server-side rendering. For historical reasons, the…

  • CVE-2026-50556 | High | Jun 15, 2026
    risk 0.38 | cvss | epss 0.00

    A Cross-Site Scripting (XSS) vulnerability exists in `@angular/platform-server`'s DOM emulation dependency (`domino`) when serializing the content of `` elements. When rendering dynamic text content inside a `` element via template bindings (such as `{{…

  • CVE-2026-50555 | High | Jun 15, 2026
    risk 0.38 | cvss | epss 0.00

    A Cross-Site Scripting (XSS) vulnerability exists in `@angular/platform-server`'s DOM emulation dependency (`domino`) when serializing the content of raw-text elements (such as ``, ``, and ``). `domino` supports escaping raw-text elements during…

  • CVE-2026-50171 | High | Jun 15, 2026
    risk 0.38 | cvss | epss 0.00

    A Denial of Service (DoS) vulnerability exists in the `@angular/common` package of Angular. The `formatNumber` function, which is also utilized by `DecimalPipe`, `PercentPipe`, and `CurrencyPipe`, does not properly validate the upper bounds of the `digitsInfo` parameter.…

  • CVE-2026-50170 | High | Jun 15, 2026
    risk 0.38 | cvss | epss 0.00

    A vulnerability was discovered in `@angular/common` when Server-Side Rendering (SSR) and hydration are enabled. The `HttpTransferCache` utility optimizes hydration by caching outgoing HTTP requests performed during SSR and transferring the cached state to the client-side…

  • CVE-2026-50168 | High | Jun 15, 2026
    risk 0.38 | cvss | epss 0.00

    An issue in the `@angular/platform-server` package allows remote attackers to bypass host allowlist constraints and direct server-side outgoing requests to arbitrary external endpoints. This occurs due to a parser differential between the strict WHATWG URL parser used for…

  • CVE-2026-46417 | High | May 19, 2026
    risk 0.38 | cvss | epss 0.00

    Impact: A Server-Side Request Forgery (SSRF) vulnerability exists in `@angular/platform-server`. The issue stems from how the server-side rendering (SSR) engine processes the request URL provided to the rendering entry points. When an absolute-form URL (e.g.,…

  • CVE-2026-27738 | Medium | Feb 25, 2026
    risk 0.38 | cvss | epss 0.00

    The Angular SSR is a server-side rendering tool for Angular applications. An Open Redirect vulnerability exists in the internal URL processing logic in versions on the 19.x branch prior to 19.2.21, the 20.x branch prior to 20.3.17, and the 21.x branch prior to 21.1.5 and…

  • CVE-2026-44437 | Medium | May 13, 2026
    risk 0.33 | cvss 6.1 | epss 0.00

    The Angular SSR is a server-side rendering tool for Angular applications. From 19.0.0-next.0 to before 19.2.25, 20.3.25, 21.2.9, and 22.0.0-next.7, a vulnerability exists in the X-Forwarded-Prefix header processing logic within Angular SSR. The internal validation mechanism…

  • CVE-2026-33397 | Medium | Mar 26, 2026
    risk 0.33 | cvss 6.1 | epss 0.00

    The Angular SSR is a server-side rendering tool for Angular applications. Versions on the 22.x branch prior to 22.0.0-next.2, the 21.x branch prior to 21.2.3, and the 20.x branch prior to 20.3.21 have an Open Redirect vulnerability in `@angular/ssr` due to an incomplete fix for…

  • CVE-2026-22610 | Medium | Jan 10, 2026
    risk 0.33 | cvss 6.1 | epss 0.00

    Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, a cross-site scripting (XSS) vulnerability has been identified in the Angular Template…

  • CVE-2025-2336 | Medium | Jun 4, 2025
    risk 0.31 | cvss 4.8 | epss 0.00

    Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '' SVG elements in AngularJS's 'ngSanitize' module allows attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing…