A vulnerability classified as critical was found in Google AngularJS 1.2.0-rc.3 . Affected is an unknown function of the file angularjs.org of the component Regular Expression Handler . The manipulation results in incomplete filtering of special elements. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability was named CVE-2026-11998 . The attack may be performed from remote. There is no available exploit.