CVE-2026-44643 -- CVSS 10.0 Vulnerability Briefing

CVE-2026-44643 | CVSS 10.0 (Critical) | Exploit: No known exploit

What Is It

CVE-2026-44643 is a sandbox escape vulnerability in Peerigon's Angular-Expressions library, a standalone module that provides AngularJS-style expression parsing and evaluation.

Technical Detail

The flaw exists in versions of Angular-Expressions prior to 1.5.2, where an attacker can craft a malicious expression using Angular filters to break out of the expression sandbox. By bypassing the sandbox, an attacker can execute arbitrary JavaScript in the context of the host application, which in practice means remote code execution or full client-side compromise depending on how the library is integrated. The vulnerability is particularly significant because Angular-Expressions is commonly used in server-side template rendering contexts, where sandbox escapes can escalate to server-side code execution.

Exploitation Status

No known exploit code has been publicly identified at this time. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog. Despite the absence of confirmed exploitation, the critical CVSS score of 10.0 reflects the maximum potential impact, and the lack of a known exploit should not be treated as an indicator of low risk given the nature of sandbox escape vulnerabilities.

Who Is Targeting This

No specific threat actor attribution at this time. No campaigns or targeted sectors have been associated with this vulnerability as of the date of this briefing.

What To Do

Upgrade Angular-Expressions to version 1.5.2 or later immediately. Given the critical severity rating and the potential for remote code execution, patching should be treated as a high priority regardless of current exploitation status. Organizations using Angular-Expressions in server-side rendering pipelines should treat this as especially urgent. If immediate patching is not possible, restrict untrusted user input from being passed to any expression evaluation function exposed by the library. Audit application code for any usage of Angular-Expressions that processes user-controlled data and apply input validation as a temporary compensating control until the patch is applied.
