Vulnerabilities in angular

28 results

CVE-2025-66035HIGHAngular HTTP Client Has XSRF Token Leakage via Protocol-Relative URLsEPSS 0.6%CVE-2026-27739CRITICALAngular SSR is vulnerable to SSRF and Header Injection via request handling pipelineEPSS 0.5%CVE-2026-22610HIGHAngular has XSS Vulnerability via Unsanitized SVG Script AttributesEPSS 0.4%CVE-2026-27970HIGHAngular i18n vulnerable to Cross-Site Scripting (XSS)EPSS 0.4%CVE-2026-54264HIGHAngular: Sensitive Header Leakage on Cross-Origin Redirects in Angular Service WorkerEPSS 0.4%CVE-2026-52725MEDIUMAngular Template and Dynamic Component Namespace Bypass leading to Cross-Site Scripting (XSS)EPSS 0.4%CVE-2025-62427HIGHServer-Side Request Forgery (SSRF) in Angular SSREPSS 0.4%CVE-2025-66412HIGHAngular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML AttributesEPSS 0.4%CVE-2026-50556HIGHAngular: Missing `<noscript>` Raw-Text Serialization Escaping leads to Cross-Site Scripting (XSS) in Angular SSREPSS 0.3%CVE-2026-50555HIGHAngular: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in @angular/platform-serverEPSS 0.3%CVE-2026-50557MEDIUMAngular: Template and Attribute Namespace Sanitization Bypass (XSS)EPSS 0.3%CVE-2025-59052HIGHAngular SSR: Global Platform Injector Race Condition Leads to Cross-Request Data LeakageEPSS 0.3%CVE-2026-54265MEDIUMAngular: Two-Way Property Binding Sanitization Bypass (XSS)EPSS 0.3%CVE-2026-54268HIGHAngular: Denial of Service (DoS) via OOM in Date Formatting (formatDate)EPSS 0.3%CVE-2026-46417HIGHAngular: SSRF via Hostname Hijacking in @angular/platform-serverEPSS 0.3%CVE-2026-54267HIGHAngular Client Hydration DOM Clobbering & Response-Cache PoisoningEPSS 0.3%CVE-2026-50170HIGHAngular: Information Leak via Default Caching of Credentialed Requests in HttpTransferCacheEPSS 0.3%CVE-2026-27738MEDIUMAngular SSR has an Open Redirect via X-Forwarded-PrefixEPSS 0.3%CVE-2026-50171HIGHAngular: Denial of Service (DoS) via OOM in Number Formatting (digitsInfo)EPSS 0.3%CVE-2026-50168HIGHAngular: URL Parser Differential in @angular/platform-server leading to SSRF Allowlist BypassEPSS 0.3%

← previouspage 1 / 2next →