| CVE-2026-44437 |
medium |
6.1 |
6.1 |
|
|
|
16d ago |
The Angular SSR is a server-rise rendering tool for Angular applications. From 19.0.0-next.0 to before 19.2.25, 20.3.25, 21.2.9, and 22.0.0-next.7, a vulnerability exists in the X-Forwarded-Prefix he… |
| CVE-2026-33397 |
medium |
6.1 |
6.1 |
|
|
|
2mo ago |
Protocol-Relative URL Injection via Single Backslash Bypass in Angular SSR |
| CVE-2026-27739 |
unknown |
— |
— |
|
|
|
3mo ago |
Angular SSR is vulnerable to SSRF and Header Injection via request handling pipeline |
| CVE-2026-27738 |
unknown |
— |
— |
|
|
|
3mo ago |
Angular SSR has an Open Redirect via X-Forwarded-Prefix |
| CVE-2025-62427 |
unknown |
— |
— |
|
|
|
8mo ago |
Angular SSR has a Server-Side Request Forgery (SSRF) flaw |
| CVE-2025-59052 |
unknown |
— |
— |
|
|
|
9mo ago |
Angular SSR: Global Platform Injector Race Condition Leads to Cross-Request Data Leakage |