@angular/core

This hub aggregates every CVE we track for @angular/core, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

OSS Libraries

CVEs tracked

Critical

High

In CISA KEV

Severity distribution

MEDIUM2LOW1CRITICAL1

Monthly trend

2024-072026-06

Latest CVEs

See all →

The 4 most recently published vulnerabilities affecting @angular/core.

CVE-2026-32635Angular has XSS in i18n attribute bindings9.0Mar 13, 2026
CVE-2026-27970Angular i18n vulnerable to Cross-Site Scripting (XSS)6.1Feb 26, 2026
CVE-2026-22610Angular has XSS Vulnerability via Unsanitized SVG Script Attributes6.1Jan 10, 2026
CVE-2021-4231Angular Comment cross site scripting3.5May 26, 2022

Product normalization is registry-driven with AI assist and human review. How it works