Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

5 advisories

Loading
Angular Client Hydration DOM Clobbering & Response-Cache Poisoning High
CVE-2026-54267 was published for @angular/core (npm) Jun 15, 2026
SkyZeroZx Credited to SkyZeroZx, AndrewKushnir, alan-agius4, josephperrott, and JeanMeche AndrewKushnir AndrewKushnir
alan-agius4 alan-agius4 josephperrott josephperrott JeanMeche JeanMeche
@angular/platform-server: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') High
CVE-2026-50555 was published for @angular/platform-server (npm) Jun 15, 2026
SkyZeroZx Credited to SkyZeroZx, alan-agius4, and josephperrott alan-agius4 alan-agius4
josephperrott josephperrott
SkyZeroZx Credited to SkyZeroZx, alan-agius4, and josephperrott alan-agius4 alan-agius4
josephperrott josephperrott
@angular/common: Denial of Service (DoS) via OOM in Date Formatting (formatDate) High
CVE-2026-54268 was published for @angular/common (npm) Jun 15, 2026
JeanMeche Credited to JeanMeche, alan-agius4, SkyZeroZx, and josephperrott alan-agius4 alan-agius4
SkyZeroZx SkyZeroZx josephperrott josephperrott
@angular/service-worker: Sensitive Header Leakage on Cross-Origin Redirects in Angular Service Worker High
CVE-2026-54264 was published for @angular/service-worker (npm) Jun 15, 2026
SkyZeroZx Credited to SkyZeroZx, alan-agius4, JeanMeche, and josephperrott alan-agius4 alan-agius4
JeanMeche JeanMeche josephperrott josephperrott
ProTip! Advisories are also available from the GraphQL API