CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.13)
A vulnerability in the @angular/service-worker package strips explicit security parameters (credentials and cache mode) during request reconstruction by the Angular Service Worker. This causes the browser to include active credentials where they should be omitted and caches private resources locally, leading to potential session leaks and persistent private data.
A Denial of Service (DoS) vulnerability exists in the @angular/common package of Angular. The formatNumber function, also used by DecimalPipe, PercentPipe, and CurrencyPipe, does not properly validate the upper bounds of the digitsInfo parameter, allowing a maliciously crafted string with excessively large fraction digit values to cause an unbounded loop in the roundNumber function, leading to system overload.
A vulnerability was found in Angular's @angular/common when Server-Side Rendering (SSR) and hydration are enabled. The HttpTransferCache does not inspect the withCredentials flag or Cookie header, causing credentialed responses to be cached in TransferState. These responses are serialized into HTML and may be stored in CDN or proxy caches, leading to information disclosure between users.
A vulnerability in the @angular/service-worker package causes the Service Worker to strip strict redirect policies (e.g., redirect: 'error') during request reconstruction, falling back to the browser's default 'follow' behavior. This can lead to unintended following of HTTP 3xx redirects, potentially exposing cookies, credentials, or session-restricted data.
A vulnerability in the @angular/platform-server package allows attackers to bypass host allowlist constraints and direct server-side outgoing requests to arbitrary external endpoints. This issue arises from a parser differential between the strict WHATWG URL parser and the lenient Domino parser, leading to an SSRF attack.
Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core affected by an arbitrary file read via a sourceMappingURL comment. Using @babel/core to compile maliciously crafted code can allow an attacker to read any source map from the system that is running Babel, if the attacker controls the input source code, can read the output source code, and knows the path of the source map file that they want to read.
A vulnerability in protobufjs before versions 7.6.1 and 8.4.1 allows exhaustion of the JavaScript call stack when converting decoded protobuf messages to objects or JSON. The issue stems from the lack of a depth limit for recursion when processing nested Any values.
In Angular versions prior to 22.0.0-next.12, 21.2.13, 20.3.21, and 19.2.22, a Server-Side Request Forgery (SSRF) vulnerability exists in @angular/platform-server. The SSR engine can be manipulated by passing an absolute-form URL (e.g., http://evil.com), allowing an attacker to control the hostname and redirect HttpClient requests to an external server.
The public dashboard query endpoint does not limit request body size before processing, allowing unauthenticated attackers to trigger excessive memory allocation by sending arbitrarily large JSON payloads. This can lead to denial of service through memory exhaustion.
An issue was discovered in Canonical ADSys versions up to v0.16.2, involving the use of an unencrypted HTTP connection to request the CA certificate from the AD CS server. An attacker can perform a Man-in-the-Middle attack, leading to the installation of a malicious certificate in the system's local trust store.
Akaunting version 3.1.21 contains an authenticated stored Cross-Site Scripting vulnerability in the report management workflow. A user with permission to create or update reports can store arbitrary HTML/JavaScript in the description field of a report.
CVE-2026-11825 was issued in error and should not be used. All references and descriptions associated with this candidate have been removed.
A maliciously crafted webpage, when visited by a user with Autodesk Fusion Desktop running and the MCP extension enabled, can trigger a vulnerability in the MCP extension that could allow arbitrary code execution.
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 expose resources or functionality that isn't linked in the UI but is accessible by directly requesting the URL, bypassing intended access controls.
IBM WebSphere Application Server versions 9.0, 8.5, and IBM WebSphere Application Server - Liberty versions 17.0.0.3 through 26.0.0.6 are vulnerable to a denial of service attack caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.
IBM WebSphere Application Server and IBM WebSphere Application Server Liberty, when using Intelligent Management with the WebSphere WebServer Plug-in component, are vulnerable to remote code execution and denial of service. This vulnerability can be exploited when an attacker impersonates backend servers and sends crafted responses to the plug-in.
IBM WebSphere Application Server versions 9.0, 8.5, and IBM WebSphere Application Server - Liberty versions 17.0.0.3 through 26.0.0.6 are vulnerable to a denial of service attack caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.
IBM WebSphere Application Server versions 9.0 and 8.5 are vulnerable to server-side request forgery (SSRF) with the Ajax Proxy configured. This may allow an attacker to send unauthorized requests from the system, resulting in a security bypass or information disclosure.
CVE-2026-8934 is a Missing Authorization vulnerability in a GraphQL private API operation of the Google App Engine section of the Cloud Console, allowing an unauthenticated remote attacker to leak sensitive App Engine request logs from other projects using a specially crafted request.
IBM WebSphere Application Server and Liberty are vulnerable to remote code execution and denial of service in the WebSphere Web Server Plug-in component. This vulnerability can be exploited when an attacker impersonates the application server and sends crafted responses to the plug-in.

