Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
6DescriptionGitHub Advisory
Angular Expressions provides expressions for the Angular.JS web framework as a standalone module. Prior to 1.5.2, an attacker can write a malicious expression using filters that escapes the sandbox to execute arbitrary code on the system. This vulnerability is fixed in 1.5.2.
AnalysisAI
Remote code execution in angular-expressions versions ≤1.5.1 allows unauthenticated network attackers to escape the expression sandbox via malicious filter payloads and execute arbitrary system commands with no user interaction required. CVSS 9.3 (Critical) with confirmed public exploit code available. Vendor-released patch in version 1.5.2 addresses the sandbox escape. Affects applications using angular-expressions as a standalone module for evaluating user-supplied Angular.JS expressions.
Technical ContextAI
angular-expressions is an npm package (maintained by peerigon) that extracts Angular.JS expression parsing and evaluation as a standalone module, commonly used in template engines and dynamic content rendering outside the Angular framework. The vulnerability stems from CWE-95 (Improper Neutralization of Directives in Dynamically Evaluated Code), specifically a sandbox escape through prototype pollution when processing filter expressions. The public exploit leverages '__proto__' filter references to break out of the intended execution context. When applications compile untrusted expressions using expressions.compile(), attackers can manipulate JavaScript object prototypes to gain unrestricted code execution beyond the sandbox boundaries designed to isolate expression evaluation from the underlying Node.js runtime.
RemediationAI
Vendor-released patch: Upgrade angular-expressions to version 1.5.2 or later via npm (npm update angular-expressions or package.json dependency update to ^1.5.2). Official patch details available in GitHub Advisory GHSA-pw8r-6689-xvf4 (https://github.com/peerigon/angular-expressions/security/advisories/GHSA-pw8r-6689-xvf4) and exploit reference at https://gist.github.com/alon710/8d25a2ec6d3cfd7d6115a0f90a1bb719 demonstrates the vulnerability mechanics. If immediate patching is infeasible: (1) Implement strict input validation rejecting any expressions containing 'proto', 'constructor', or other prototype-manipulation keywords (note: sophisticated attackers may bypass keyword filters via encoding or obfuscation), (2) Isolate expression compilation in sandboxed containers (VM2 or isolated-vm npm modules) with restricted permissions (trade-off: performance overhead and potential compatibility issues with existing code), (3) Disable filter support entirely if application logic permits (may break functionality relying on Angular.JS filter syntax). These mitigations are stopgap measures only - upgrade to 1.5.2 remains the definitive fix.
More in Angular Expressions
View allangular-expressions is "angular's nicest part extracted as a standalone module for the browser and node". Rated high sev
Angular Expressions before version 1.0.1 has a remote code execution vulnerability if you call expressions.compile(userC
Same weakness CWE-95 – Eval Injection
View allSame technique Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-29078
GHSA-pw8r-6689-xvf4