Lucene search
+L

7 matches found

SUSE CVE
SUSE CVE
added 2026/02/20 12:24 a.m.7 views

SUSE CVE-2026-24126

Weblate is a web based localization tool. Prior to 5.16.0, the SSH management console did not validate the passed input while adding the SSH host key, which could lead to an argument injection to ssh-add. Version 5.16.0 fixes the issue. As a workaround, properly limit access to the management...

9.1CVSS5.8AI score0.00447EPSS
Exploits3References3
NVD
NVD
added 2026/02/19 12:16 a.m.10 views

CVE-2026-24126

Weblate is a web based localization tool. Prior to 5.16.0, the SSH management console did not validate the passed input while adding the SSH host key, which could lead to an argument injection to ssh-add. Version 5.16.0 fixes the issue. As a workaround, properly limit access to the management...

9.1CVSS0.00447EPSS
Exploits3References3
Vulnrichment
Vulnrichment
added 2026/02/18 11:5 p.m.4 views

CVE-2026-24126 Weblate has an argument injection in management console

Weblate is a web based localization tool. Prior to 5.16.0, the SSH management console did not validate the passed input while adding the SSH host key, which could lead to an argument injection to ssh-add. Version 5.16.0 fixes the issue. As a workaround, properly limit access to the management...

6.6CVSS5.5AI score0.00447EPSS
Exploits3References3
CVE
CVE
added 2026/02/18 11:5 p.m.38 views

CVE-2026-24126

CVE-2026-24126 (Weblate) : The SSH host-key management endpoint accepts the admin-supplied host value and forwards it to ssh-keyscan without validation, enabling argument injection and potential arbitrary local-file read by the web server user. Affected: Weblate versions ≤ 5.15.2; Impact: read se...

9.1CVSS5.5AI score0.00447EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2026/02/18 11:5 p.m.33 views

CVE-2026-24126 Weblate has an argument injection in management console

Weblate is a web based localization tool. Prior to 5.16.0, the SSH management console did not validate the passed input while adding the SSH host key, which could lead to an argument injection to ssh-add. Version 5.16.0 fixes the issue. As a workaround, properly limit access to the management...

6.6CVSS0.00447EPSS
Exploits3References3
OSV
OSV
added 2025/03/27 2:15 p.m.4 views

DEBIAN-CVE-2025-26619

Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. In vega 5.30.0 and lower and in vega-functions 5.15.0 and lower , it was possible to call JavaScript functions from the Vega expression language that were not meant to be...

6.1CVSS5.9AI score0.00324EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/12/13 12:0 a.m.4 views

Zoom Security Breach

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. Zoom suffers from a security vulnerability. An attacker could exploit this vulnerability to disclose information via network access. The following products and versions are affected: Zoom Mobile...

4.9CVSS6.3AI score0.00567EPSS
Exploits0References2
Rows per page
Query Builder