| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-33397 | Angular SSR Vulnerable to Protocol-Relative URL Injection via Single Backslash Bypass | angular | angular-cli | 中危 | - | 2026-03-26 13:46:16 | Deep Dive |
| CVE-2026-32635 | Angular has XSS in i18n attribute bindings | @angular | compiler | 中危 | - | 2026-03-13 20:58:13 | Deep Dive |
| CVE-2026-27970 | Angular i18n vulnerable to Cross-Site Scripting (XSS) | angular | angular | - | - | 2026-02-26 02:03:44 | Deep Dive |
| CVE-2026-27739 | Angular SSR is vulnerable to SSRF and Header Injection via request handling pipeline | angular | angular-cli | - | - | 2026-02-25 16:47:30 | Deep Dive |
| CVE-2026-27738 | Angular SSR has an Open Redirect via X-Forwarded-Prefix | angular | angular-cli | - | - | 2026-02-25 16:40:45 | Deep Dive |
| CVE-2026-22610 | Angular has XSS Vulnerability via Unsanitized SVG Script Attributes | angular | angular | 中危 | - | 2026-01-10 03:35:41 | Deep Dive |
| CVE-2025-66412 | Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes | angular | angular | - | - | 2025-12-01 22:35:59 | Deep Dive |
| CVE-2025-66035 | Angular HTTP Client Has XSRF Token Leakage via Protocol-Relative URLs | angular | angular | - | - | 2025-11-26 22:18:36 | Deep Dive |
| CVE-2025-62427 | Server-Side Request Forgery (SSRF) in Angular SSR | angular | angular-cli | - | - | 2025-10-16 18:50:12 | Deep Dive |
| CVE-2025-59052 | Angular SSR: Global Platform Injector Race Condition Leads to Cross-Request Data Leakage | angular | angular | - | - | 2025-09-10 20:13:57 | Deep Dive |
| CVE-2025-6725 | Cross-Site Scripting (XSS) in PdfViewer | Progress Software | Kendo UI for jQuery | Medium | 5.4 | 2025-07-02 14:39:15 | Deep Dive |
| CVE-2025-23658 | WordPress Advanced Angular Contact Form plugin <= 1.1.0 - Reflected Cross Site Scripting (XSS) vulnerability | Tauhidul Alam | Advanced Angular Contact Form | High | 7.1 | 2025-02-14 12:44:31 | Deep Dive |
| CVE-2024-54152 | Angular Expressions - Remote Code Execution when using locals | peerigon | angular-expressions | 中危 | - | 2024-12-10 15:37:51 | Deep Dive |
| CVE-2024-21490 | angular 安全漏洞 | - | angular | High | 7.5 | 2024-02-10 05:00:02 | Deep Dive |
| CVE-2023-26116 | Angular 安全漏洞 | - | angular | Medium | 5.3 | 2023-03-30 05:00:03 | Deep Dive |
| CVE-2023-26118 | Angular 安全漏洞 | - | angular | Medium | 5.3 | 2023-03-30 05:00:02 | Deep Dive |
| CVE-2023-26117 | Angular 安全漏洞 | - | angular | Medium | 5.3 | 2023-03-30 05:00:01 | Deep Dive |
| CVE-2023-28444 | angular-server-side-configuration information disclosure vulnerability in monorepo with node.js backend | kyubisation | angular-server-side-configuration | Critical | 9.9 | 2023-03-24 19:59:00 | Deep Dive |
| CVE-2015-10035 | gperson angular-test-reporter data-server.js addTest sql injection | gperson | angular-test-reporter | Medium | 5.5 | 2023-01-09 20:43:55 | Deep Dive |
| CVE-2022-25869 | Angular 跨站脚本漏洞 | - | angular | Medium | 4.2 | 2022-07-15 20:02:03 | Deep Dive |