3 matches found
CVE-2026-41519
Weblate is a web based localization tool. Prior to version 5.17.1, when a user changes their password, browser sessions are correctly invalidated via "cyclesessionkeys", but DRF API tokens "wlu" prefix stored in "authtokentoken" are not revoked. This issue has been patched in version 5.17.1...
weblate-5.17.1-1.1 on GA media (moderate)
weblate-5.17.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:10929-1 Rating: moderate Cross-References: CVE-2026-41519 CVE-2026-41654 CVE-2026-44263 CVE-2026-44264 Affected Products: openSUSE Tumbleweed An update that solves 4 vulnerabilities can now be installed. Description: These are all...
SUSE CVE-2026-41519
Weblate is a web based localization tool. Prior to version 5.17.1, when a user changes their password, browser sessions are correctly invalidated via "cyclesessionkeys", but DRF API tokens "wlu" prefix stored in "authtokentoken" are not revoked. This issue has been patched in version 5.17.1...