RCE in Angular

CVE-2026-49241

The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. Prior to 21.2.4, the client-side Angular Language Service VS Code extension reads the custom TypeScript SDK paths typescript.tsdk and…

Vulnerability class: XSS (Cross-Site Scripting)