Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

184 New today
64,732 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
94
Jun 23
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.2 CVE-2026-54268

Angular: Denial of Service (DoS) via OOM in Date Formatting (formatDate)_CVE-2026-54268

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1...

angular angular >= 22.0.0-next.0 < 22.0.1 CVE
HIGH 8.6 CVE-2026-54267

Angular Client Hydration DOM Clobbering & Response-Cache Poisoning_CVE-2026-54267

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1...

angular angular >= 22.0.0-next.0 < 22.0.1 CVE
HIGH 8.8 CVE-2026-54266

Angular: Weak 32-Bit Cache Key Hashing in `HttpTransferCache` Leading to Cross-Request Data Leakage and State Poisoning_CVE-2026-54266

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1...

angular angular >= 22.0.0-next.0 < 22.0.1 CVE
MEDIUM 5.3 CVE-2026-54265

Angular: Two-Way Property Binding Sanitization Bypass (XSS)_CVE-2026-54265

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1...

angular angular >= 22.0.0-next.0 < 22.0.1 CVE
HIGH 8.3 CVE-2026-54264

Angular: Sensitive Header Leakage on Cross-Origin Redirects in Angular Service Worker_CVE-2026-54264

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1...

angular angular >= 22.0.0-next.0 < 22.0.1 CVE
MEDIUM 6.9 CVE-2026-53655

node-tar applies PAX size override to intermediary GNU long-name/long-link headers, causing tar parser interpretation differential (file smuggling)_CVE-2026-53655

node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, tar (node-tar) applies a PAX extended header's size= record (and other PAX overrides)...

isaacs node-tar < 7.5.16 CVE
MEDIUM 5.3 CVE-2026-53550

js-yaml: Quadratic-complexity DoS in merge key handling via repeated aliases_CVE-2026-53550

js-yaml is a JavaScript YAML parser and dumper. Prior to 4.2.0, a crafted YAML document can trigger algorithmic CPU exhaustion in js-yaml merge-key...

nodeca js-yaml < 4.2.0 CVE
MEDIUM 5.3 CVE-2026-52725

Angular Template and Dynamic Component Namespace Bypass leading to Cross-Site Scripting (XSS)_CVE-2026-52725

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...

angular angular >= 22.0.0-next.0 < 22.0.0-rc.2 CVE
MEDIUM 5.3 CVE-2026-50557

Angular: Template and Attribute Namespace Sanitization Bypass (XSS)_CVE-2026-50557

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...

angular angular >= 21.0.0-next.0 < 21.2.15 CVE