Next.js starter your AI actually understands. Ship internal tools in days not weeks. Pre-order $199 $499 → [Get it now]

CoreUI for Angular v5.6.21 - Angular 21.2.5 Security Update

calendar Monday, March 23, 2026
#changelog #angular #v5
CoreUI for Angular v5.6.21 - Angular 21.2.5 Security Update

We are pleased to announce the release of CoreUI for Angular v5.6.21. This critical security update brings full support for Angular 21.2.5 and includes important security patches addressing multiple vulnerabilities in flatted, socket.io-parser, and undici packages. This update ensures your Angular applications run securely with the latest framework improvements and comprehensive dependency updates.

Speed up your responsive apps and websites with fully-featured, ready-to-use open-source admin panel templates—free to use and built for efficiency.

Free Angular Admin Template
Angular
Free Bootstrap Admin Template
Bootstrap
Free React.js Admin Template
React Logo
React.js
Free Vue.js Admin Template
Vue.js

How to Update

To update to CoreUI v5.6.21 for Angular 21.2.5, follow these simple steps to ensure your project is up-to-date:

  • Verify that you are using a supported version of node.js before you upgrade your application. Angular v21 supports node.js versions: v18.19 and newer, or v20.11 and newer, or v22.0 and newer.
  • To update your application to Angular v21.2.5 and CoreUI v5.6.21, in the application’s project directory, run:
ng update @angular/[email protected] @angular/[email protected] @coreui/coreui@~5.6.0 @coreui/angular@~5.6.21

What’s New

Angular Framework Update

CoreUI for Angular v5.6.21 fully supports Angular 21.2.5, bringing you the latest framework patches:

  • Security Fixes: Critical security patches from the Angular team
  • Stability Updates: Framework-level bug fixes and improvements
  • Performance: Runtime optimizations and enhancements
  • Compatibility: Enhanced compatibility with Angular ecosystem and TypeScript

Critical Security Patches

This release addresses three important security vulnerabilities to ensure your applications are protected:

1. Flatted Library Vulnerability (GHSA-rf6f-7fwh-wjgh)

Patched a critical security issue in the flatted serialization library. This vulnerability could potentially be exploited in applications that use flatted for data serialization.

2. Socket.io-parser Vulnerability (GHSA-677m-j7p3-52f9)

Resolved a security advisory in socket.io-parser that could affect applications using Socket.io for real-time communication.

3. Undici Package - Multiple Security Issues

Updated undici to version ^7.24.2 to address six critical security vulnerabilities:

  • WebSocket Parsing Vulnerabilities: Fixed parsing issues that could lead to security exploits
  • HTTP Smuggling Concerns: Addressed potential HTTP request smuggling attacks
  • Memory Consumption Weaknesses: Resolved memory exhaustion vulnerabilities
  • WebSocket Validation Gaps: Enhanced WebSocket connection validation
  • CRLF Injection Risks: Mitigated CRLF injection attack vectors

We strongly recommend updating as soon as possible to protect your applications against these known vulnerabilities and ensure compliance with security best practices.

Development Tooling Updates

Updated Angular and development tools to the latest versions:

  • Angular Core and CLI: Full support for Angular 21.2.5
  • Build Tools: Updated @angular-devkit/schematics, @angular/build, and @angular/cli
  • Component Development Kit: Latest @angular/cdk
  • Code Quality: Updated angular-eslint and typescript-eslint packages
  • Package Management: Updated ng-packagr for better library builds

Dependency Updates

We have updated key dependencies to their latest versions, ensuring improved performance, security, and compatibility with the latest Angular 21.2.5 standards:

Angular Core Updates

  • @angular/animations from: 21.2.3 to: 21.2.5
  • @angular/common from: 21.2.3 to: 21.2.5
  • @angular/compiler from: 21.2.3 to: 21.2.5
  • @angular/core from: 21.2.3 to: 21.2.5
  • @angular/forms from: 21.2.3 to: 21.2.5
  • @angular/platform-browser from: 21.2.3 to: 21.2.5
  • @angular/platform-browser-dynamic from: 21.2.3 to: 21.2.5
  • @angular/router from: 21.2.3 to: 21.2.5

Angular Development Tools

  • @angular-devkit/schematics from: 21.2.2 to: 21.2.3
  • @angular/build from: 21.2.2 to: 21.2.3
  • @angular/cli from: 21.2.2 to: 21.2.3
  • @angular/cdk from: 21.2.2 to: 21.2.3
  • @angular/compiler-cli from: 21.2.3 to: 21.2.5

Build and Package Management Tools

  • ng-packagr from: 21.2.2 to: 21.2.3
  • @angular-eslint/builder from: 19.0.1 to: 19.0.2
  • @angular-eslint/eslint-plugin from: 19.0.1 to: 19.0.2
  • @angular-eslint/eslint-plugin-template from: 19.0.1 to: 19.0.2
  • @angular-eslint/schematics from: 19.0.1 to: 19.0.2
  • @angular-eslint/template-parser from: 19.0.1 to: 19.0.2

Code Quality and Linting

  • eslint from: 9.19.0 to: 9.20.0
  • typescript-eslint from: 8.57.0 to: 8.58.0

Security Overrides

  • undici - overridden to: ^7.24.2 (addresses six critical vulnerabilities)

These updates bring your application to the latest Angular 21.2.5 and related library versions.

Released Packages

This release includes updates to the following CoreUI Angular packages:

  • @coreui/angular: v5.6.21 - Core Angular components and directives
  • @coreui/angular-chartjs: v5.6.21 - Chart.js integration for Angular
  • @coreui/icons-angular: v5.6.21 - CoreUI Icons for Angular

All packages are synchronized to version 5.6.21 to ensure compatibility and consistent behavior across the CoreUI Angular ecosystem.

Migration Notes

This is a security and maintenance release with full backward compatibility. No breaking changes were introduced. If you’re upgrading from an earlier version:

  1. Update your dependencies using the ng update command shown above
  2. Review your application for any console warnings
  3. Run your test suite to ensure everything works as expected
  4. Verify security patches by running npm audit to check for vulnerabilities

Why Update?

Updating to CoreUI for Angular v5.6.21 provides critical benefits:

  • Security: Critical patches for three major vulnerabilities (flatted, socket.io-parser, undici)
  • Latest Angular Features: Access to Angular 21.2.5 improvements
  • Stability: Framework-level bug fixes and enhancements
  • Best Practices: Stay current with latest security standards
  • Compatibility: Synchronized package versions prevent conflicts
  • Support: Remain on officially supported versions

Security Recommendations

After updating:

  1. Verify Patches: Ensure all vulnerabilities are resolved by running npm audit
  2. Test Thoroughly: Verify all functionality, especially WebSocket and real-time features
  3. Review Dependencies: Check for any additional security advisories
  4. Update Regularly: Keep your dependencies up to date with regular maintenance
  5. Monitor Advisories: Subscribe to security advisories for Angular and CoreUI

Additional Resources

For a comprehensive overview of all changes, enhancements, and updates introduced in this release, please refer to the full changelog on GitHub.

Subscribe to our newsletter
Get early information about new products, product updates and blog posts.
How to Use Bootstrap Dropdown in Vue 3 – CoreUI Integration Guide
How to Use Bootstrap Dropdown in Vue 3 – CoreUI Integration Guide
calendar Monday, June 30, 2025
What is CoreUI and Why Should You Use It for Your Next Admin Dashboard?
What is CoreUI and Why Should You Use It for Your Next Admin Dashboard?
calendar Thursday, July 10, 2025
How to Use Bootstrap Tooltip in Vue 3 – The Right Way with CoreUI
How to Use Bootstrap Tooltip in Vue 3 – The Right Way with CoreUI
calendar Monday, June 23, 2025
How to Manage Date and Time in Specific Timezones Using JavaScript
How to Manage Date and Time in Specific Timezones Using JavaScript
calendar Wednesday, January 22, 2025

Answers by CoreUI Core Team

How to mock HttpClient in Angular tests
How to curry a function in JavaScript
How to debug Vue lifecycle hooks
How to filter an array in JavaScript
How to validate file uploads in Node.js
How to send emails with Nodemailer