{"vulnerability": "cve-2026-46417", "sightings": [{"uuid": "7da8efcf-9d38-423c-9bce-285ac5944315", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46417", "type": "seen", "source": "https://bsky.app/profile/arigatouz.bsky.social/post/3mlvvhfkrbc2n", "content": "\ud83d\udea8 Security Alert for Angular SSR users!\nA HIGH severity SSRF vulnerability (CVE-2026-46417, CVSS 8.8) was just disclosed in `@angular/platform-server`.\nAn attacker can hijack the SSR hostname via absolute-form URLs, redirecting your internal HttpClient requests to a malicious server", "creation_timestamp": "2026-05-15T17:50:55.707935Z"}, {"uuid": "fccb5341-424c-4dc9-aa37-b5aff8fd034b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46417", "type": "seen", "source": "https://bsky.app/profile/arigatouz.bsky.social/post/3mlvvhfl22k2n", "content": "\ud83d\udea8 Security Alert for Angular SSR users!\nA HIGH severity SSRF vulnerability (CVE-2026-46417, CVSS 8.8) was just disclosed in `@angular/platform-server`.\nAn attacker can hijack the SSR hostname via absolute-form URLs, redirecting your internal HttpClient requests to a malicious server", "creation_timestamp": "2026-05-15T17:51:08.417280Z"}, {"uuid": "b4a400f6-3a1b-4467-be9d-087cd0320777", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46417", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3movzegdm3l2j", "content": "CVE-2026-46417 - Angular: SSRF via Hostname Hijacking in @angular/platform-server\nCVE ID : CVE-2026-46417\n \n Published : June 22, 2026, 3:40 p.m. | 7\u00a0hours, 29\u00a0minutes ago\n \n Description : Angular is a development platform for building mobile and desktop web applications using...", "creation_timestamp": "2026-06-22T23:16:24.951124Z"}]}