CVE-2026-44643
CriticalSummary
Angular Expressions, used in the Angular.JS framework, prior to version 1.5.2, allowed an attacker to write a malicious expression that could escape the sandbox and execute arbitrary code on the system.
Risk Assessment
Exploitation of this vulnerability could lead to remote code execution, posing a serious threat to the security of the system and the organization's data.
Recommendation
It is recommended to upgrade to version 1.5.2 or later to mitigate this vulnerability.
Original NVD description (English source)
Angular Expressions provides expressions for the Angular.JS web framework as a standalone module. Prior to 1.5.2, an attacker can write a malicious expression using filters that escapes the sandbox to execute arbitrary code on the system. This vulnerability is fixed in 1.5.2.

