Lucene search
K

7 matches found

NVD
NVD
added 2026/06/22 4:16 p.m.10 views

CVE-2026-52725

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/core package allows bypassing script-execution restrictions during dynamic component...

6.1CVSS0.00238EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/22 3:18 p.m.6 views

EUVD-2026-38261

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/core package allows bypassing script-execution restrictions during dynamic component...

5.3CVSS6AI score0.00238EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/22 3:18 p.m.39 views

CVE-2026-52725 Angular Template and Dynamic Component Namespace Bypass leading to Cross-Site Scripting (XSS)

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/core package allows bypassing script-execution restrictions during dynamic component...

5.3CVSS0.00238EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/22 3:18 p.m.5 views

CVE-2026-52725

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/core package allows bypassing script-execution restrictions during dynamic component...

6.1CVSS6AI score0.00238EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2026/06/15 4:51 p.m.37 views

@angular/core: Angular Template and Dynamic Component Namespace Bypass leading to Cross-Site Scripting (XSS)

An issue in the @angular/core package allows bypassing script-execution restrictions during dynamic component creation. Specifically, the dynamic component instantiation mechanism createComponent failed to reject mounting components directly onto a or namespaced script element such as . This...

6.1CVSS6.1AI score0.00238EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.17 views

PT-2026-49568

Name of the Vulnerable Software and Affected Versions Angular versions prior to 22.0.0-rc.2 Angular versions prior to 21.2.15 Angular versions prior to 20.3.22 Angular versions prior to 19.2.23 Description An issue in the @angular/core package allows bypassing script-execution restrictions during...

5.3CVSS6AI score0.00238EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

Trimble SketchUp 安全漏洞

Trimble SketchUp is a 3D modeling software developed by Trimble in the United States. It is designed for architects, urban planning experts, producers, game developers, and professionals in related fields. Trimble SketchUp has a security vulnerability that stems from improper handling of dynamic...

9.3CVSS6.4AI score0.00231EPSS
Exploits0References1
Rows per page
Query Builder