GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3 advisories
Angular has XSS Vulnerability via Unsanitized SVG Script Attributes
High
CVE-2026-22610
was published
for
@angular/compiler
(npm)
Jan 9, 2026
Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes
High
CVE-2025-66412
was published
for
@angular/compiler
(npm)
Dec 2, 2025
Angular is Vulnerable to XSRF Token Leakage via Protocol-Relative URLs in Angular HTTP Client
High
CVE-2025-66035
was published
for
@angular/common
(npm)
Nov 26, 2025
ProTip!
Advisories are also available from the
GraphQL API