Threats Tagged 'cve-2026-41468'
View all threats tagged with 'cve-2026-41468'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-41468'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-41468: CWE-1104 Use of Unmaintained Third-Party Components in Beghelli SicuroWeb (Sicuro24)CVE-2026-41468 0 Beghelli Sicuro24 SicuroWeb embeds AngularJS 1.5.2, an end-of-life component containing known sandbox escape primitives. When combined with template injection present in the same application, these primitives allow attackers to escape the AngularJS sandbox and achieve arbitrary JavaScript execution in operator browser sessions, enabling session hijacking, DOM manipulation, and persistent browser compromise. Network-adjacent attackers can deliver the complete injection and escape chain via MITM in plaintext HTTP deployments without active user interaction. Join the discussion | CVE Database V5 | 04/22/2026, 18:04:38 UTC Added: 04/22/2026, 18:31:09 UTC |
Showing 1 to 1 of 1 result