Vulnerability Directory

If you’re currently using these frameworks in your application’s tech stack, your application could be vulnerable.

Secure drop-in replacements for open source software from HeroDevs helps you stay secure, compliant, and compatible while you migrate.

Switch to Never-Ending Support (NES) from HeroDevs to immediately mitigate these vulnerabilities.

Talk to Our Experts
Get Pricing
Codey gradient
Filter by Severity
Filter by Technology
Filter by Category
Filtering by:
Severity
=
Text for Severity
Close icon
Clear Filters
Severity
ID
Technology
Libraries Affected
Category
Version(s) Affected
Published Date
High
Open in new tab icon
CVE-2026-50171
Angular
Angular
Denial of Service
<=18.2.14, >=19.0.0-next.0 <19.2.23, >=20.0.0-next.0 <20.3.22, >=21.0.0-next.0 <21.2.15, >=22.0.0-next.0 <22.0.0-rc.2
Jun 12, 2026
High
Open in new tab icon
CVE-2026-50170
Angular
Angular
Information Exposure
<=18.2.14, >=19.0.0-next.0 <19.2.23, >=20.0.0-next.0 <20.3.22, >=21.0.0-next.0 <21.2.15, >=22.0.0-next.0 <22.0.0-rc.2
Jun 12, 2026
Medium
Open in new tab icon
CVE-2026-50169
Angular
Angular
Information Exposure
<=18.2.14, >=19.0.0-next.0 <19.2.23, >=20.0.0-next.0 <20.3.22, >=21.0.0-next.0 <21.2.15, >=22.0.0-next.0 <22.0.0-rc.2
Jun 12, 2026
Medium
Open in new tab icon
CVE-2026-50184
Angular
Angular
Information Exposure
<=18.2.14, >=19.0.0-next.0 <19.2.23, >=20.0.0-next.0 <20.3.22, >=21.0.0-next.0 <21.2.15, >=22.0.0-next.0 <22.0.0-rc.2
Jun 12, 2026
Medium
Open in new tab icon
CVE-2026-52725
Angular
Angular
Cross-Site Scripting
<=18.2.14, >=19.0.0-next.0 <19.2.23, >=20.0.0-next.0 <20.3.22, >=21.0.0-next.0 <21.2.15, >=22.0.0-next.0 <22.0.0-rc.2
Jun 12, 2026
Medium
Open in new tab icon
CVE-2026-50557
Angular
Angular
Cross-Site Scripting
<=18.2.14, >=19.0.0-next.0 <19.2.23, >=20.0.0-next.0 <20.3.22, >=21.0.0-next.0 <21.2.15, >=22.0.0-next.0 <22.0.0-rc.2
Jun 12, 2026
High
Open in new tab icon
CVE-2026-50556
Angular
Angular
Cross-Site Scripting
<=18.2.14, >=19.0.0-next.0 <19.2.25, >=20.0.0-next.0 <20.3.24, >=21.0.0-next.0 <21.2.16, >=22.0.0-next.0 <22.0.0-rc.2
Jun 12, 2026
High
Open in new tab icon
CVE-2026-50555
Angular
Angular
Cross-Site Scripting
<=18.2.14, >=19.0.0-next.0 <19.2.25, >=20.0.0-next.0 <20.3.24, >=21.0.0-next.0 <21.2.16, >=22.0.0-next.0 <22.0.0-rc.2
Jun 12, 2026
High
Open in new tab icon
CVE-2026-50168
Angular
Angular
Server-Side Request Forgery
<=18.2.14, >=19.0.0-next.0 <19.2.23, >=20.0.0-next.0 <20.3.22, >=21.0.0-next.0 <21.2.15, >=22.0.0-next.0 <22.0.0-rc.2
Jun 11, 2026
High
Open in new tab icon
CVE-2026-41855
Spring
Spring Framework
Remote Code Execution
>=4.3.0 <=4.3.30, >=5.3.0 <=5.3.48, >=6.1.0 <=6.1.27, >=6.2.0 <=6.2.18, >=7.0.0 <=7.0.7
Jun 11, 2026
Medium
Open in new tab icon
CVE-2026-41853
Spring
Spring Framework
Content Spoofing
>=5.3.0 <=5.3.48, >=6.1.0 <=6.1.27, >=6.2.0 <=6.2.18, >=7.0.0 <=7.0.7
Jun 11, 2026
Medium
Open in new tab icon
CVE-2026-41852
Spring
Spring Framework
Content Spoofing
>=4.3.0 <=4.3.30, >=5.3.0 <=5.3.48, >=6.1.0 <=6.1.27, >=6.2.0 <=6.2.18, >=7.0.0 <=7.0.7
Jun 11, 2026
Medium
Open in new tab icon
CVE-2026-41851
Spring
Spring Framework
Content Spoofing
>=4.3.0 <=4.3.30, >=5.3.0 <=5.3.48, >=6.1.0 <=6.1.27, >=6.2.0 <=6.2.18, >=7.0.0 <=7.0.7
Jun 11, 2026
High
Open in new tab icon
CVE-2026-41850
Spring
Spring Framework
Denial of Service
>=4.3.0 <=4.3.30, >=5.3.0 <=5.3.48, >=6.1.0 <=6.1.27, >=6.2.0 <=6.2.18, >=7.0.0 <=7.0.7
Jun 11, 2026
Medium
Open in new tab icon
CVE-2026-41849
Spring
Spring Framework
Denial of Service
>=5.3.0 <=5.3.48
Jun 11, 2026
Exclamation icon
No results found

Please enter a valid Vulnerability ID number or Technology name.

Sign up for the latest vulnerability alerts
Rss feed icon
Subscribe via RSS
or
Thanks for signing up for our Newsletter! We look forward to connecting with you.
Oops! Something went wrong while submitting the form.