CVE-2026-27739

creationtimestamp| type| source ---|---|--- 2026-02-26 01:40:19+00:00| seen| https://gist.github.com/alon710/53d0a446648e9dbad6bc94a3baf5290b 2026-03-03 17:18:06+00:00| seen| https://bsky.app/profile/thedailytechfeed.com/post/3mg6bliavpm2x 2026-03-25 04:27:05+00:00| seen|...

@cosla/sensemaking-web-ui (>=1.0.5 <=1.0.8), @manniwatch/client-desktop (>=0.30.0 <=0.30.1) +3 more potentially affected by CVE-2026-27739 via @angular/ssr (>=19.0.5 <=19.2.19)

@angular/ssr NPM version =19.0.5, =1.0.5, =0.30.0, =0.30.0, =19.0.0-alpha.20, =19.0.0-alpha.20, =19.0.0-alpha.24 Source cves: CVE-2026-27739 Source advisory: SNYK:JS-ANGULARSSR-15357314...

create-momentum-app (>=0.1.2 <=0.5.0) potentially affected by CVE-2026-27739 via @angular/ssr (=21.1.2)

@angular/ssr NPM version =21.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on @angular/ssr and may be impacted: - create-momentum-app =0.1.2, =0.5.0 Source cves: CVE-2026-27739 Source advisory: OSV:GHSA-X288-3778-4HHX...

@arsloptima/password-strength (=0.0.1), @asafmalin/ngrid (>=5.0.0 <=5.0.1) +41 more potentially affected by CVE-2026-27739 via @nguniversal/express-engine (>=10.0.2 <=16.2.0)

@nguniversal/express-engine NPM version =10.0.2, =5.0.0, =1.0.1, =0.0.42, =7.0.0, =6.1.1, =4.0.0, =1.0.0, =0.1.1, =2.0.0, =3.0.0, =4.3.8 and more Source cves: CVE-2026-27739 Source advisory: OSV:GHSA-X288-3778-4HHX...

@angular-devkit/build-angular (>=21.0.0 <=21.1.4), @eui/deps-base (>=21.0.0-alpha.10 <=23.0.0-alpha.1) +3 more potentially affected by CVE-2026-27739 via @angular/build (>=21.0.0-next.0 <=21.1.4)

@angular/build NPM version =21.0.0-next.0, =21.0.0, =21.0.0-alpha.10, =21.0.0-alpha.10, =21.0.0, =21.2.0-next.1 - ng-deploy-oss =21.0.0 Source cves: CVE-2026-27739 Source advisory: SNYK:JS-ANGULARBUILD-15357312...

create-momentum-app (>=0.1.2 <=0.5.0) potentially affected by CVE-2026-27739 via @angular/ssr (=21.1.2)

@angular/ssr NPM version =21.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on @angular/ssr and may be impacted: - create-momentum-app =0.1.2, =0.5.0 Source cves: CVE-2026-27739 Source advisory: SNYK:JS-ANGULARSSR-15357314...

@eui/deps-base (>=21.0.0-alpha.10 <=23.0.0-alpha.1), @eui/deps-base-light (>=21.0.0-alpha.10 <=23.0.0-alpha.1) +1 more potentially affected by CVE-2026-27739 via @angular-devkit/build-angular (>=21.0.0-next.1 <=21.1.0)

@angular-devkit/build-angular NPM version =21.0.0-next.1, =21.0.0-alpha.10, =21.0.0-alpha.10, =23.0.0-alpha.1 - ng-deploy-oss =21.0.0 Source cves: CVE-2026-27739 Source advisory: SNYK:JS-ANGULARDEVKITBUILDANGULAR-15357315...

@eui/deps-base-light-next (>=19.2.2 <=21.0.0-alpha.32), @eui/deps-base-next (>=19.2.2 <=21.0.0-alpha.32) +1 more potentially affected by CVE-2026-27739 via @angular-devkit/build-angular (>=20.0.0-rc.0 <=20.1.0)

@angular-devkit/build-angular NPM version =20.0.0-rc.0, =19.2.2, =19.2.2, =21.0.0-alpha.32 - ng-deploy-oss =20.0.0 Source cves: CVE-2026-27739 Source advisory: SNYK:JS-ANGULARDEVKITBUILDANGULAR-15357315...

@angular-devkit/build-angular (>=21.2.0-next.0 <=21.2.0-next.2) potentially affected by CVE-2026-27739 via @angular/build (>=21.2.0-next.0 <=21.2.0-next.2)

@angular/build NPM version =21.2.0-next.0, =21.2.0-next.0, =21.2.0-next.2 Source cves: CVE-2026-27739 Source advisory: SNYK:JS-ANGULARBUILD-15357312...

@angular-devkit/build-angular (>=20.0.0 <=20.3.16), @eui/deps-base-light-next (>=19.2.2 <=21.0.0-alpha.32) +6 more potentially affected by CVE-2026-27739 via @angular/build (>=20.0.0-next.0 <=20.3.16)

@angular/build NPM version =20.0.0-next.0, =20.0.0, =19.2.2, =19.2.2, =21.1.0, =0.0.0-pr-32415-1daf78a, =0.0.0-pr-32415-1daf78a, =0.1.3, =0.1.31 - ng-deploy-oss =20.0.0 Source cves: CVE-2026-27739 Source advisory: SNYK:JS-ANGULARBUILD-15357312...

CVE-2023-27739

easyXDM 2.5 allows XSS via the xdme parameter...

CVE-2025-27739

Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally...

CVE-2025-27739 Windows Kernel Elevation of Privilege Vulnerability

...

CVE-2025-27739

creationtimestamp| type| source ---|---|--- 2025-04-08 16:14:25+00:00| seen| https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review 2025-04-08 17:46:49+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10973...

CVE-2023-27739

creationtimestamp| type| source ---|---|--- 2024-01-08 22:26:42+00:00| seen| https://t.me/ctinow/164670 2024-01-25 18:51:56+00:00| seen| https://t.me/ctinow/173687 2025-06-18 16:43:45+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18795...

CVE-2023-27739

easyXDM 2.5 allows XSS via the xdme parameter...

CVE-2023-27739

easyXDM 2.5 allows XSS via the xdme parameter...

CVE-2023-27739

easyXDM 2.5 allows XSS via the xdme parameter...

CVE-2023-27739

CVE-2023-27739 affects easyXDM 2.5, where the xdm_e parameter allows cross-site scripting (XSS). Multiple connected sources confirm an XSS vulnerability in easyXDM 2.5, with PoC-like exploitation noted in the advisory. Impact is limited to achieving XSS via the xdm_e parameter; no explicit patche...

Citadel WebCit Cross Site Scripting (CVE-2020-27739)

A cross-site scripting vulnerability exists in Citadel WebCit. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...