| Title | Published | Views | Reporter |
|---|---|---|---|
| Security Bulletin: Multiple security vulnerabilities related to Angular and JJWT have been fixed in IBM Informix HQ 3.2.2. | 27 Apr 2026 06:31 | – | ibm |
| Security Bulletin: Due to use of core-18.2.14.tgz, IBM Sterling Connect:Direct Web Services is affected by cross-site scripting (XSS) issue. | 2 Jun 2026 14:46 | – | ibm |
| Security Bulletin: Multiple vulnerabilities found in IBM ApplinX. | 7 Apr 2026 16:51 | – | ibm |
| CVE-2026-27970 | 26 Feb 2026 02:03 | – | attackerkb |
| CVE-2026-27970 | 26 Feb 2026 06:18 | – | circl |
| Angular cross-site scripting vulnerability | 26 Feb 2026 00:00 | – | cnnvd |
| CVE-2026-27970 | 26 Feb 2026 02:03 | – | cve |
| CVE-2026-27970 Angular i18n vulnerable to Cross-Site Scripting (XSS) | 26 Feb 2026 02:03 | – | cvelist |
| CVE-2026-27970 | 26 Feb 2026 02:03 | – | debiancve |
| EUVD-2026-8822 | 27 Feb 2026 18:33 | – | euvd |

```
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(300236);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/05/22");

  script_cve_id("CVE-2026-27970");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2026-27970");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.
- Angular is a development platform for building mobile and desktop web applications using
TypeScript/JavaScript and other languages. Versions prior to 21.2.0, 21.1.16, 20.3.17, and 19.2.19 have a
cross-Site scripting vulnerability in the Angular internationalization (i18n) pipeline. In ICU messages
(International Components for Unicode), HTML from translated content was not properly sanitized and could
execute arbitrary JavaScript. Angular i18n typically involves three steps, extracting all messages from an
application in the source language, sending the messages to be translated, and then merging their
translations back into the final source code. Translations are frequently handled by contracts with
specific partner companies, and involve sending the source messages to a separate contractor before
receiving final translations for display to the end user. If the returned translations have malicious
content, it could be rendered into the application and execute arbitrary JavaScript. When successfully
exploited, this vulnerability allows for execution of attacker controlled JavaScript in the application
origin. Depending on the nature of the application being exploited this could lead to credential
exfiltration and/or page vandalism. Several preconditions apply to the attack. The attacker must
compromise the translation file (xliff, xtb, etc.). Unlike most XSS vulnerabilities, this issue is not
exploitable by arbitrary users. An attacker must first compromise an application's translation file before
they can escalate privileges into the Angular application client. The victim application must use Angular
i18n, use one or more ICU messages, render an ICU message, and not defend against XSS via a safe content
security policy. Versions 21.2.0, 21.1.6, 20.3.17, and 19.2.19 patch the issue. Until the patch is
applied, developers should consider reviewing and verifying translated content received from untrusted
third parties before incorporating it in an Angular application, enabling strict CSP controls to block
unauthorized JavaScript from executing on the page, and enabling Trusted Types to enforce proper HTML
sanitization. (CVE-2026-27970)
Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2026-27970");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2026-27970");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2026-27970");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:U/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:U/RC:C");
  script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N");
  script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:U");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-27970");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2026/02/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/03/02");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:22.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:24.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:25.10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:8");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:11.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:12.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:13.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:14.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:9");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:angular.js");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:intel-cmt-cat");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:intel-cmt-cat-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:librados-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:librados2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libradospp-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:librbd-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:librbd1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:angular.js");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:intel-cmt-cat");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:intel-cmt-cat-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librados-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librados2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libradospp-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librbd-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librbd1");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
  script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
  script_require_ports("Host/OS/CentOS Linux-8", "Host/OS/Debian Linux-11", "Host/OS/Debian Linux-12", "Host/OS/Debian Linux-13", "Host/OS/Debian Linux-14", "Host/OS/Red Hat Enterprise Linux-10", "Host/OS/Red Hat Enterprise Linux-8", "Host/OS/Red Hat Enterprise Linux-9", "Host/OS/Ubuntu Linux-16.04", "Host/OS/Ubuntu Linux-18.04", "Host/OS/Ubuntu Linux-20.04", "Host/OS/Ubuntu Linux-22.04", "Host/OS/Ubuntu Linux-24.04", "Host/OS/Ubuntu Linux-25.10");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/CentOS/rpm-list")) && empty_or_null(get_one_kb_item("Host/Debian/dpkg-l")) && empty_or_null(get_one_kb_item("Host/RedHat/rpm-list"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Debian Linux-11": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "11",
        "pkgs": [
          {"reference": "libjs-angularjs"}
        ]
      }
    ]
  },
  "Debian Linux-12": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "12",
        "pkgs": [
          {"reference": "libjs-angularjs"}
        ]
      }
    ]
  },
  "Debian Linux-13": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "13",
        "pkgs": [
          {"reference": "libjs-angularjs"}
        ]
      }
    ]
  },
  "Debian Linux-14": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "14",
        "pkgs": [
          {"reference": "libjs-angularjs"}
        ]
      }
    ]
  },
  "Ubuntu Linux-16.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "16.04",
        "pkgs": [
          {"reference": "libjs-angularjs"}
        ]
      }
    ]
  },
  "Ubuntu Linux-18.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "18.04",
        "pkgs": [
          {"reference": "libjs-angularjs"}
        ]
      }
    ]
  },
  "Ubuntu Linux-20.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "20.04",
        "pkgs": [
          {"reference": "angular.js"}
        ]
      }
    ]
  },
  "Ubuntu Linux-22.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "22.04",
        "pkgs": [
          {"reference": "angular.js"}
        ]
      }
    ]
  },
  "Ubuntu Linux-24.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "24.04",
        "pkgs": [
          {"reference": "angular.js"}
        ]
      }
    ]
  },
  "Ubuntu Linux-25.10": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "25.10",
        "pkgs": [
          {"reference": "angular.js"}
        ]
      }
    ]
  },
  "Red Hat Enterprise Linux-10": {
    "package_manager": "rpm-list",
    "constraints": [
      {
        "release": "10",
        "pkgs": [
          {"reference": "intel-cmt-cat"},
          {"reference": "intel-cmt-cat-devel"},
          {"reference": "librados-devel"},
          {"reference": "librados2"},
          {"reference": "libradospp-devel"},
          {"reference": "librbd-devel"},
          {"reference": "librbd1"}
        ]
      }
    ]
  },
  "Red Hat Enterprise Linux-9": {
    "package_manager": "rpm-list",
    "constraints": [
      {
        "release": "9",
        "pkgs": [
          {"reference": "intel-cmt-cat"},
          {"reference": "intel-cmt-cat-devel"},
          {"reference": "librados-devel"},
          {"reference": "librados2"},
          {"reference": "libradospp-devel"},
          {"reference": "librbd-devel"},
          {"reference": "librbd1"}
        ]
      }
    ]
  },
  "CentOS Linux-8": {
    "package_manager": "rpm-list",
    "constraints": [
      {
        "release": "8",
        "pkgs": [
          {"reference": "intel-cmt-cat"},
          {"reference": "intel-cmt-cat-devel"}
        ]
      }
    ]
  },
  "Red Hat Enterprise Linux-8": {
    "package_manager": "rpm-list",
    "constraints": [
      {
        "release": "8",
        "pkgs": [
          {"reference": "intel-cmt-cat"},
          {"reference": "intel-cmt-cat-devel"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');

var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);
if (!empty_or_null(report))
{
  security_report_v4(
    port     : 0,
    severity : SECURITY_NOTE,
    extra    : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}
```