Lucene search
K

428 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-50555

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.1...

8.6CVSS6.1AI score0.00167EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-54266

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, an...

8.8CVSS6AI score0.0009EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.15 views

PT-2026-51509

Name of the Vulnerable Software and Affected Versions Nuxt versions prior to 4.4.7 Nuxt versions prior to 3.21.7 Description When running the development server on Linux, the vite-node IPC Inter-Process Communication server binds to an abstract-namespace Unix socket without permission restriction...

6.8CVSS5.9AI score0.00103EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-54267

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, an...

8.6CVSS6AI score0.00179EPSS
Exploits0References3
NVD
NVD
added 2026/06/22 7:17 p.m.10 views

CVE-2026-54299

Astro is a web framework. Prior to 6.4.6, Astro SSR apps with prerendered error pages /404 or /500 using export const prerender = true fetch those pages over HTTP at runtime when an error occurs. The URL for this fetch is derived from request.url, which in turn gets its origin from the incoming...

7.5CVSS0.00196EPSS
Exploits0References1
NVD
NVD
added 2026/06/22 7:17 p.m.11 views

CVE-2026-54298

Astro is a web framework. Prior to 6.4.6, the spreadAttributes function in Astro's server-side rendering pipeline iterates over object keys and passes them directly to addAttribute, which interpolates the key into the HTML output without escaping. When a developer uses the spread syntax ...props ...

6.1CVSS0.0016EPSS
Exploits1References1
NVD
NVD
added 2026/06/22 7:17 p.m.28 views

CVE-2026-50146

Astro is a web framework. Prior to 6.3.3, when a component uses a client: directive, Astro inserts named slot content into a data-astro-template attribute without HTML escaping the slot name allowing an attacker to break out of the attribute context and inject arbitrary HTML, resulting in reflect...

7.1CVSS0.00177EPSS
Exploits1References1
OSV
OSV
added 2026/06/22 6:16 p.m.5 views

DEBIAN-CVE-2026-50555

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.16, 20.3.24, and 19.2.25, a Cross-Site Scripting XSS vulnerability exists in @angular/platform-server's DOM emulation dependency domino wh...

6.1CVSS6AI score0.00167EPSS
Exploits0References1
OSV
OSV
added 2026/06/22 6:16 p.m.6 views

DEBIAN-CVE-2026-50556

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.16, 20.3.24, and 19.2.25, a Cross-Site Scripting XSS vulnerability exists in @angular/platform-server's DOM emulation dependency domino wh...

6.1CVSS5.9AI score0.00239EPSS
Exploits0References1
NVD
NVD
added 2026/06/22 6:16 p.m.11 views

CVE-2026-50556

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.16, 20.3.24, and 19.2.25, a Cross-Site Scripting XSS vulnerability exists in @angular/platform-server's DOM emulation dependency domino wh...

8.6CVSS0.00239EPSS
Exploits0References6
OSV
OSV
added 2026/06/22 6:16 p.m.5 views

DEBIAN-CVE-2026-50170

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a vulnerability was discovered in @angular/common when Server-Side Rendering SSR and hydration are enabled. The...

7.5CVSS5.8AI score0.00267EPSS
Exploits0References1
NVD
NVD
added 2026/06/22 6:16 p.m.10 views

CVE-2026-50170

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a vulnerability was discovered in @angular/common when Server-Side Rendering SSR and hydration are enabled. The...

8.2CVSS0.00267EPSS
Exploits0References2
OSV
OSV
added 2026/06/22 6:16 p.m.5 views

DEBIAN-CVE-2026-46417

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-next.12, 21.2.13, 20.3.21, and 19.2.22, a Server-Side Request Forgery SSRF vulnerability exists in @angular/platform-server. The issue stems from how...

6.1CVSS5.8AI score0.00221EPSS
Exploits0References1
NVD
NVD
added 2026/06/22 6:16 p.m.11 views

CVE-2026-46417

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-next.12, 21.2.13, 20.3.21, and 19.2.22, a Server-Side Request Forgery SSRF vulnerability exists in @angular/platform-server. The issue stems from how...

8.8CVSS0.00221EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/22 5:33 p.m.4 views

CVE-2026-54299

Astro is a web framework. Prior to 6.4.6, Astro SSR apps with prerendered error pages /404 or /500 using export const prerender = true fetch those pages over HTTP at runtime when an error occurs. The URL for this fetch is derived from request.url, which in turn gets its origin from the incoming...

7.5CVSS6AI score0.00196EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/22 5:33 p.m.26 views

CVE-2026-54299

Summary of CVE-2026-54299 (Astro) : Astro SSR apps that prerender error pages (e.g., 404/500 with prerender = true) fetch those pages over HTTP using a URL derived from request.url, which is based on the Host header. If Host is not validated against allowedDomains, an attacker can direct the fetc...

7.5CVSS6AI score0.00196EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/22 5:31 p.m.32 views

CVE-2026-50146 Astro: Reflected XSS via unescaped slot name

Astro is a web framework. Prior to 6.3.3, when a component uses a client: directive, Astro inserts named slot content into a data-astro-template attribute without HTML escaping the slot name allowing an attacker to break out of the attribute context and inject arbitrary HTML, resulting in reflect...

7.1CVSS0.00177EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 5:31 p.m.6 views

CVE-2026-50146

Astro is a web framework. Prior to 6.3.3, when a component uses a client: directive, Astro inserts named slot content into a data-astro-template attribute without HTML escaping the slot name allowing an attacker to break out of the attribute context and inject arbitrary HTML, resulting in reflect...

7.1CVSS5.9AI score0.00177EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/06/22 5:31 p.m.18 views

CVE-2026-50146

CVE-2026-50146 affects the Astro web framework prior to 6.3.3. When a component uses a client:* directive, Astro inserts named slot content into a data-astro-template attribute without escaping the slot name, allowing an attacker to break out of the attribute context and inject arbitrary HTML, re...

7.1CVSS5.9AI score0.00177EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/06/22 4:16 p.m.4 views

DEBIAN-CVE-2026-54266

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, Angular's HttpTransferCache caches HTTP requests made during Server-Side Rendering SSR so that they can be reused during...

6.1CVSS5.9AI score0.0009EPSS
Exploits0References1
Rows per page
Query Builder