@unhead/angular (>=3.0.0 <=3.0.0-rc.4), @unhead/react (>=3.0.0 <=3.0.0-rc.4) +4 more potentially affected by unknown CVE via unhead (>=3.0.0-beta.5 <=3.0.0)

unhead NPM version =3.0.0-beta.5, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0-rc.4 Source cves: unknown CVE Source advisory: SNYK:JS-UNHEAD-15989796...

EUVD-2025-199282

Malicious code in @trackstar/test-angular-package npm...

MAL-2025-190971 Malicious code in itobuz-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4fcdbc14cc1282398d0aa27b0ada7027ef96a6c2b95c3fcb0fefb926cbb45a0e The package itobuz-angular was found to contain malicious code. Source: ghsa-malware 7bb8d54de22fc55a5690d5bf3b51d9847a98a5dcf0d9836311c615cd6a30b2df...

EUVD-2025-179629

Malicious code in commitlint-config-angular-sadr-cluster-mira npm...

EUVD-2025-176223

Malicious code in standard-thuban-commitlint-config-angular-got npm...

EUVD-2025-112036

Malicious code in jwt-json-commitlint-config-angular-quark npm...

@ai-sdk/angular (>=1.1.0-beta.0 <=1.1.0-beta.28), @ai-sdk/langchain (>=1.1.0-beta.0 <=1.1.0-beta.28) +5 more potentially affected by CVE-2025-48985 via ai (>=5.1.0-beta.0 <=5.1.0-beta.8)

ai NPM version =5.1.0-beta.0, =1.1.0-beta.0, =1.1.0-beta.0, =1.1.0-beta.0, =2.1.0-beta.0, =1.1.0-beta.0, =3.1.0-beta.0, =2.1.0-beta.0, =2.1.0-beta.28 Source cves: CVE-2025-48985 Source advisory: SNYK:JS-AI-13863465...

EUVD-2025-36855

Malicious code in rxjs-angular npm...

EUVD-2023-0833

Malicious code in bioql PyPI...

EUVD-2022-4470

Malicious code in bioql PyPI...

EUVD-2024-0512

Malicious code in bioql PyPI...

Embedded Malicious Code

Overview @ctrl/ngx-rightclick is a Context Menu Service for Angular Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API...

MAL-2025-14521 Malicious code in angular-4-datatable-custom (npm)

The package angular-4-datatable-custom was found to contain malicious code...

Malicious code in dorado-metalsmith-heka-commitlint-config-angular (npm)

The package dorado-metalsmith-heka-commitlint-config-angular was found to contain malicious code...

MAL-2025-20023 Malicious code in evvnt-submission-form-angular (npm)

The package evvnt-submission-form-angular was found to contain malicious code...

MAL-2025-5834 Malicious code in @3kali182/angular-1.6 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d6e937539475b670c6b2803a93621c36b92e5e70e066d60b062182fea98829b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Incomplete Filtering of Special Elements

Overview org.webjars.bowergithub.angular:angular is a package that lets you write client-side web applications as if you had a smarter browser. It also lets you use HTML as your template language and lets you extend HTML’s syntax to express your application’s components clearly and succinctly...

Linux Distros Unpatched Vulnerability : CVE-2023-26117

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service ReDoS via the $resource service due to the usage of an insecur...

Linux Distros Unpatched Vulnerability : CVE-2023-26118

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package angular from 1.4.9 are vulnerable to Regular Expression Denial of Service ReDoS via the element due to the usage of an insecure regular...

Linux Distros Unpatched Vulnerability : CVE-2023-26116

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service ReDoS via the angular.copy utility function due to the usage ...