@angular/core (npm) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package @angular/core, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2026-32635 — CVSS 9.0 (critical): Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior…
CVE-2026-22610 — CVSS 6.1 (medium): Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior…
CVE-2026-27970 — CVSS 6.1 (medium): Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages…
CVE-2026-50557 — CVSS 6.1 (medium): Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior…
CVE-2026-52725 — CVSS 6.1 (medium): Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior…
CVE-2026-54267 — CVSS 6.1 (medium): Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior…
CVE-2021-4231 — CVSS 3.5 (low): A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of…