CVE-2026-27739 | angular angular-cli up to 19.2.20/20.3.16/21.1.4 Relative URL server-side request forgery

Inserito da Angelo Barbosa | Feb 25, 2026 | CVE

A vulnerability marked as critical has been reported in angular angular-cli up to 19.2.20/20.3.16/21.1.4. The impacted element is an unknown function of the component Relative URL Handler. This manipulation causes server-side request forgery.

This vulnerability is tracked as CVE-2026-27739. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2026-27739 | angular angular-cli up to 19.2.20/20.3.16/21.1.4 Relative URL server-side request forgery

Post correlati

CVE-2025-13469 | Public Knowledge Project omp/ojs 3.3.0/3.4.0/3.5.0 Payment Instructions Setting paymentForm.tpl manualInstructions cross site scripting (Issue 12022)

CVE-2024-26174 | Microsoft information disclosure

CVE-2024-8340 | SourceCodester Electric Billing Management System 1.0 /Actions.php username sql injection

CVE-2024-4144 | Simple Basic Contact Form Plugin up to 20240502 on WordPress Shortcode Remote Code Execution