Lucene search
K

509 matches found

OSV
OSV
added yesterday3 views

MAL-2026-10389 Malicious code in timmytuffknuckles6 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22ef6fa6c2b9f80d6a1f79e532a9d9ea083a1c662bc834d118879ba630842b0c This package is not a Node.js library. package.json declares "main": "sw.js", a Service Worker that calls importScripts'./8cfc2/hgshm.js' — an API th...

6.2AI score
Exploits0References3
OSV
OSV
added yesterday3 views

MAL-2026-10390 Malicious code in timmytuffknuckles9 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 342d7a44db99769023685647376a6042d5a9b345c281826484c9d88561f245ca Package is not a Node library — package.json declares main: sw.js, a browser Service Worker whose first line calls importScripts'./8cfc2/hgshm.js'...

6.2AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-54264

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, an...

8.3CVSS6AI score0.00226EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-50169

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.1...

6.1CVSS6AI score0.00165EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-50184

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.1...

6.1CVSS6AI score0.0015EPSS
Exploits0References3
OSV
OSV
added 2026/06/22 6:16 p.m.6 views

DEBIAN-CVE-2026-50169

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15 20.3.22, and 19.2.23, an issue in the @angular/service-worker package compromises the integrity of request-policy enforcement during...

6.1CVSS5.8AI score0.00165EPSS
Exploits0References1
OSV
OSV
added 2026/06/22 6:16 p.m.5 views

DEBIAN-CVE-2026-50184

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/service-worker package compromises the integrity of request-policy enforcement during...

6.1CVSS5.9AI score0.0015EPSS
Exploits0References1
NVD
NVD
added 2026/06/22 6:16 p.m.12 views

CVE-2026-50169

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15 20.3.22, and 19.2.23, an issue in the @angular/service-worker package compromises the integrity of request-policy enforcement during...

6.1CVSS0.00165EPSS
Exploits0References2
NVD
NVD
added 2026/06/22 6:16 p.m.13 views

CVE-2026-50184

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/service-worker package compromises the integrity of request-policy enforcement during...

6.1CVSS0.0015EPSS
Exploits0References2
OSV
OSV
added 2026/06/22 4:16 p.m.4 views

DEBIAN-CVE-2026-54264

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, an information disclosure vulnerability exists in the @angular/service-worker package of the Angular framework. When the Servi...

6.1CVSS6AI score0.00226EPSS
Exploits0References1
NVD
NVD
added 2026/06/22 4:16 p.m.13 views

CVE-2026-54264

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, an information disclosure vulnerability exists in the @angular/service-worker package of the Angular framework. When the Servi...

8.3CVSS0.00226EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/22 3:42 p.m.4 views

CVE-2026-50184

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/service-worker package compromises the integrity of request-policy enforcement during...

5.7CVSS5.9AI score0.0015EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/06/22 3:42 p.m.7 views

CVE-2026-50184

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/service-worker package compromises the integrity of request-policy enforcement during...

6.1CVSS5.8AI score0.0015EPSS
Exploits0
OSV
OSV
added 2026/06/22 3:42 p.m.3 views

CVE-2026-50184 Angular: Request Credential & Cache Policy Stripping in Angular Service Worker

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/service-worker package compromises the integrity of request-policy enforcement during...

5.7CVSS5.9AI score0.0015EPSS
Exploits0References4
CVE
CVE
added 2026/06/22 3:42 p.m.19 views

CVE-2026-50184

Summary (CVE-2026-50184) : The vulnerability affects the Angular ecosystem, specifically the @angular/service-worker package. When the service worker reconstructs outbound requests, an internal helper strips client-specified safety parameters (credentials: omit and cache: no-store), reverting the...

6.1CVSS5.9AI score0.0015EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/22 3:42 p.m.36 views

CVE-2026-50184 Angular: Request Credential & Cache Policy Stripping in Angular Service Worker

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/service-worker package compromises the integrity of request-policy enforcement during...

5.7CVSS0.0015EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/22 3:41 p.m.32 views

CVE-2026-50169 Angular Service Worker Policy-Bypass & Credential-Stripping Vulnerabilities

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15 20.3.22, and 19.2.23, an issue in the @angular/service-worker package compromises the integrity of request-policy enforcement during...

5.7CVSS0.00165EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/22 3:41 p.m.3 views

CVE-2026-50169

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15 20.3.22, and 19.2.23, an issue in the @angular/service-worker package compromises the integrity of request-policy enforcement during...

5.7CVSS5.9AI score0.00165EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/06/22 3:41 p.m.8 views

CVE-2026-50169

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15 20.3.22, and 19.2.23, an issue in the @angular/service-worker package compromises the integrity of request-policy enforcement during...

6.1CVSS5.8AI score0.00165EPSS
Exploits0
CVE
CVE
added 2026/06/22 3:41 p.m.20 views

CVE-2026-50169

The CVE-2026-50169 issue affects the Angular service worker (@angular/service-worker). The vulnerability stems from the request reconstruction path in the service worker, where an internal helper strips strict client-defined redirect policies (for example redirect: 'error'), causing the browser t...

6.1CVSS5.9AI score0.00165EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder