QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2026-44643

Back to search

CVE-2026-44643

Published: May 11, 2026

Modified: May 11, 2026

PUBLISHED

Description

Angular Expressions provides expressions for the Angular.JS web framework as a standalone module. Prior to 1.5.2, an attacker can write a malicious expression using filters that escapes the sandbox to execute arbitrary code on the system. This vulnerability is fixed in 1.5.2.

VendorProductVersions

peerigon

angular-expressions

affected
< 1.5.2

Weaknesses (CWE)

CWE-95

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now