Tags: CVE-2026-44643, angular-expressions, Angular, sandbox escape, RCE, Node.js, CVE

Angular Expressions CVE-2026-44643: Sandbox Escape → RCE (CVSS 10.0)

angular-expressions < 1.5.2: an attacker can craft a filter expression that escapes the sandbox and executes arbitrary code. CVSS 10.0, scope changed. Patch and mitigation.

May 15, 2026 · 5 min read

angular-expressions is a standalone Node.js module exposing the AngularJS expression engine — used to evaluate dynamic template expressions server-side or in templating tools (notably docxtemplater, which depends on it for Word templates). On May 11, 2026, a CVSS 10.0 vulnerability was published: CVE-2026-44643 lets an attacker craft a filter-based expression that escapes the sandbox and executes arbitrary code on the system.

The 10.0 score reflects the worst value on every vector metric: reachable over the network, low attack complexity, no privileges, no user interaction, and a changed scope (S:C) because the impact reaches past the expression engine into the whole Node.js process. The patched version is 1.5.2.


Technical Details

Why a sandbox?

angular-expressions evaluates AngularJS-style expressions like user.name | uppercase server-side in Node.js. To prevent a user from typing process.exit() or worse, the module ships a sandbox that blocks access to sensitive objects (window, process, eval, Function, prototype chain).

This is exactly the mechanism that has been repeatedly targeted by CVEs: the complexity of the AngularJS expression language makes the sandbox hard to harden, and AngularJS itself dropped the expression sandbox in version 1.6 after concluding it could not be a reliable security boundary. angular-expressions kept one, and CVE-2026-44643 adds another chapter to that history.

The bug

The filter mechanism (expression | filterName:arg) introduces a path where some references resolve differently from the main expression. An attacker can chain an expression that:

  1. Uses the filter to smuggle in a forbidden reference
  2. Uses that reference to reconstruct access to Function or constructor
  3. Calls a Function constructor with malicious code as argument
  4. Executes that code in the Node.js context — unsandboxed

A typical exploitation pattern looks like this (the classic AngularJS escape shape, given for illustration; it is not the payload behind this CVE):

const { compile } = require("angular-expressions");
// someFilter stands in for the filter carrying the new bypass path; its real form is not public.
const expr = compile("constructor.constructor('return process')() | someFilter");
expr(scope);  // scope = your template data; if the escape works this returns the real process
              // object, and process.exit(), require("child_process") etc. follow

(The exact payload depends on the specific path researchers found; the CVE record does not expose details.)

Characteristics

  • CVSS 3.1: 10.0 (CRITICAL)
  • Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • CWE: CWE-1336 (Improper Neutralization of Special Elements Used in a Template Engine)
  • Scope: Changed; the impact extends beyond the component to the entire Node.js process
  • Authentication: None

Affected Products and Versions

  • angular-expressions: affected versions < 1.5.2, patched in 1.5.2

Transitive dependencies at risk: angular-expressions is bundled by many templating libraries, notably:

  • docxtemplater (used to generate Word documents from templates)
  • PDF/report generation tools
  • AngularJS-style templating engines inside CMSes and internal tools

Check your dependency tree:

# npm
npm ls angular-expressions

# yarn
yarn why angular-expressions

# pnpm
pnpm why angular-expressions

If you use docxtemplater, check the angular-expressions version it resolves to (docxtemplater relies on angular-expressions for its expression parser) and make sure it is ≥ 1.5.2; the commands above print the resolved version.


Exploitation and Impact

Exploitation conditions

Any application that:

  1. Uses angular-expressions directly or transitively
  2. Evaluates an expression containing user-controlled data (form input, URL parameter, uploaded file content)

The worst case is using it in a templating engine that accepts user-supplied templates (typical: customer-facing SaaS that generates personalized documents).

Post-exploitation impact

  • Node.js RCE: full access to the server process (process, require, fs, child_process)
  • In-memory secret theft: environment variables, configuration secrets
  • LAN pivot from the compromised server
  • Application code tampering if disk write is allowed
  • Database exfiltration through the process's database credentials

Public exploit

No detailed public PoC has been released yet, but the AngularJS sandbox escape pattern has been documented since 2015 (PortSwigger, Mario Heiderich). A motivated researcher can reconstruct an exploit in hours, not days.


Detection and IOCs

Dependency audit

# List every angular-expressions occurrence in your tree
npm ls angular-expressions 2>&1 | grep -v "deduped"

# Check the exact loaded version
node -e "console.log(require('angular-expressions/package.json').version)"

Application logs

If you log evaluated expressions (enable if possible):

# Hunt expressions containing classic escape patterns
grep -E "constructor|prototype|__proto__|Function\(" /var/log/your-app.log

Runtime monitoring

If you operate runtime defense (Snyk Runtime, Aikido, JFrog Xray), add a rule that alerts on expression evaluations containing constructor.constructor, __proto__, Function(, or globalThis.

Network IOCs

  • Unusual outbound traffic from Node.js processes (DNS exfiltration, C2 callbacks)
  • Connections to non-allowlisted destinations
  • Sudden CPU spikes on Node.js workers (mining)

Mitigation and Patch

Immediate action

# npm
npm install angular-expressions@^1.5.2

# yarn 1 (on Yarn 2+ use: yarn up angular-expressions@^1.5.2)
yarn upgrade angular-expressions@^1.5.2

# pnpm
pnpm update angular-expressions@^1.5.2

If the dependency is transitive (e.g., via docxtemplater):

# Force the version via overrides (package.json)
{
  "overrides": {
    "angular-expressions": "^1.5.2"
  }
}

Then run npm install so the lockfile is rewritten with the forced version. Yarn uses a top-level resolutions field and pnpm a pnpm.overrides field with the same key/value shape.

Workaround if patching is delayed

Sanitize user input before evaluation:

const { compile } = require("angular-expressions");

function isSafeExpression(expr) {
  // Reject known sandbox-escape patterns. Substring matching also rejects harmless
  // field names such as processedAt or windowSize: expect false positives.
  const forbidden = /constructor|prototype|__proto__|Function\(|eval|globalThis|window|process|require/i;
  return !forbidden.test(expr);
}

// userInput: the untrusted expression string; scope: the data it is evaluated against
if (!isSafeExpression(userInput)) {
  throw new Error("Expression contains forbidden patterns");
}
const result = compile(userInput)(scope);

⚠️ This mitigation is incomplete: the AngularJS sandbox has historically been bypassed by patterns that slip past a naive regex (property names assembled from string pieces, bracket access, escape sequences inside string literals), and the denylist also rejects harmless field names such as processedAt. Treat it as an emergency band-aid, not a real fix.

Long-term hardening

  • Never use angular-expressions directly on user input — it's a developer-facing engine, not designed for end users
  • For user-supplied templates, use a real isolation boundary: isolated-vm, or a separate process or container running with reduced privileges. vm2 has its own sandbox-escape CVE history. A Node.js worker thread is not a boundary on its own: it shares the process's privileges (require, fs, environment) and only contains crashes and runaway evaluation
  • Regular audits of your Node.js dependencies — use npm audit, Snyk, Renovate

Why Continuous Monitoring of JavaScript Dependencies Matters

The npm ecosystem contains thousands of modules whose security depends on the spare time of volunteer maintainers. CVEs like CVE-2026-44643 — on a templating module that transitively ends up inside hundreds of B2B SaaS — are frequent and disclosed without notice to downstream users. Without automated monitoring, you discover the vulnerability only after it's already exploited.

With cveo.tech, inventory your Node.js runtimes and key dependencies and get automatic alerts the moment a critical CVE targets a version present in your tree — so you patch in the same window as the upstream commit.
