CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-50171
Medium

A Denial of Service (DoS) vulnerability exists in the @angular/common package of Angular. The formatNumber function, also used by DecimalPipe, PercentPipe, and CurrencyPipe, does not properly validate the upper bounds of the digitsInfo parameter, allowing a maliciously crafted string with excessively large fraction digit values to cause an unbounded loop in the roundNumber function, leading to system overload.

CVE-2026-50169
Medium

A vulnerability in the @angular/service-worker package causes the Service Worker to strip strict redirect policies (e.g., redirect: 'error') during request reconstruction, falling back to the browser's default 'follow' behavior. This can lead to unintended following of HTTP 3xx redirects, potentially exposing cookies, credentials, or session-restricted data.

CVE-2026-46417
Medium

In Angular versions prior to 22.0.0-next.12, 21.2.13, 20.3.21, and 19.2.22, a Server-Side Request Forgery (SSRF) vulnerability exists in @angular/platform-server. The SSR engine can be manipulated by passing an absolute-form URL (e.g., http://evil.com), allowing an attacker to control the hostname and redirect HttpClient requests to an external server.

CVE-2026-11994
Medium

Akaunting version 3.1.21 contains an authenticated stored Cross-Site Scripting vulnerability in the report management workflow. A user with permission to create or update reports can store arbitrary HTML/JavaScript in the description field of a report.

CVE-2026-9320
Medium

IBM WebSphere Application Server versions 9.0, 8.5, and IBM WebSphere Application Server - Liberty versions 17.0.0.3 through 26.0.0.6 are vulnerable to a denial of service attack caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.

CVE-2026-8934
Medium

CVE-2026-8934 is a Missing Authorization vulnerability in a GraphQL private API operation of the Google App Engine section of the Cloud Console, allowing an unauthenticated remote attacker to leak sensitive App Engine request logs from other projects using a specially crafted request.

CVE-2026-8636
Medium

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allow an attacker to retrieve user passwords and cryptographic keys from memory. The attacker can use the same keys to decrypt passwords, gain access to the application, and access sensitive data in the database.

CVE-2026-8059
Medium

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 are vulnerable to cross-site scripting (XSS). An unauthenticated attacker can embed arbitrary JavaScript code in the Web UI, altering intended functionality and potentially leading to credential disclosure within a trusted session.

CVE-2026-7253
Medium

An SSRF vulnerability in IBM Watson Speech Services Cartridge allows an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. The issue affects the Sterling File Gateway component used in speech runtimes.

CVE-2026-54267
Medium

A DOM Clobbering vulnerability in Angular allows an attacker to replace the SSR state container (ng-state) by injecting an HTML element with the same ID. During client hydration, Angular reads data from the fake element, potentially leading to code execution or data theft.

CVE-2026-54266
Medium

A vulnerability in Angular prior to versions 22.0.1, 21.2.17, and 20.3.25 allows an attacker to overwrite HTTP responses in the TransferState cache during Server-Side Rendering (SSR). The weak 32-bit DJB2 hash used for cache key generation enables hash collisions, causing sensitive endpoint responses to be replaced with responses from other requests.

CVE-2026-54265
Medium

In Angular prior to versions 22.0.1, 21.2.17, and 20.3.25, a vulnerability in the @angular/compiler package allows bypassing DOM property sanitization through two-way property bindings. An attacker who controls the value of a sensitive property can bypass Angular's built-in sanitization, leading to client-side Cross-Site Scripting (XSS).

CVE-2026-54264
Medium

An information disclosure vulnerability exists in the @angular/service-worker package of Angular prior to versions 22.0.1, 21.2.17, and 20.3.25. When fetching assets, the Service Worker preserves sensitive headers (e.g., Authorization, Proxy-Authorization, session cookies) on cross-origin redirects, violating the Fetch redirect algorithm. A remote attacker can obtain these credentials by triggering a redirect to an untrusted external origin.

CVE-2026-53655
Medium

Vulnerability in node-tar (before 7.5.16) involves incorrect processing of PAX extended headers. The library erroneously applies the size override from a PAX header to intermediate metadata headers (e.g., GNU long-name), causing stream desynchronization compared to other tar implementations. This allows crafting an archive that is interpreted differently by different tools.

CVE-2026-53550
Medium

A vulnerability in js-yaml prior to versions 4.2.0 and 3.15.0 allows a denial of service attack via a crafted YAML document that repeatedly uses the same alias in merge sequences (<<). This causes quadratic parse-time complexity, potentially blocking the Node.js event loop for seconds even with a small payload (tens of KB).

CVE-2026-52725
Medium

In @angular/core prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a vulnerability allows bypassing script-execution restrictions during dynamic component creation by mounting components directly onto a <script> or namespaced script element. This enables attackers to execute untrusted code or perform client-side XSS.

CVE-2026-50557
Medium

A vulnerability in Angular's @angular/compiler and @angular/core packages allows bypassing element and attribute sanitization via namespace workarounds. An attacker can inject a malicious template with custom namespaces, leading to client-side Cross-Site Scripting (XSS).

CVE-2026-41047
Medium

In qSnapper before version 1.3.3, lack of authentication in the "snapshot diff" functions allowed a local attacker to read otherwise read-protected information.

CVE-2026-12725
Medium

A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing unsupported algorithm or digest types can cause dnsmasq to write past the end of an internal logging buffer. A remote attacker able to supply such a DNS response may crash the dnsmasq process, resulting in denial of service.

CVE-2026-12549
Medium

The fix for CVE-2026-2443 was regressed by a subsequent rework commit that replaced specific overflow checks with a general signed comparison. When a client sends a Range request with a suffix length exceeding the content size, the resulting negative start value is not properly clamped, leading to malformed HTTP 206 responses and log flooding.

PreviousPage 96 of 559Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS