Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/01/17 7:15 p.m.21 views

CVE-2026-23535

wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.2, the multi-translation download could write to an arbitrary location when instructed by a crafted server. This vulnerability is fixed in 1.17.2...

8CVSS6.9AI score0.00337EPSS
Exploits0References1
NVD
NVD
added 2026/01/16 7:16 p.m.11 views

CVE-2026-23535

wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.2, the multi-translation download could write to an arbitrary location when instructed by a crafted server. This vulnerability is fixed in 1.17.2...

8CVSS0.00337EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/16 7:16 p.m.7 views

CVE-2026-23535

wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.2, the multi-translation download could write to an arbitrary location when instructed by a crafted server. This vulnerability is fixed in 1.17.2...

8CVSS6AI score0.00337EPSS
Exploits0References5
OSV
OSV
added 2026/01/16 7:16 p.m.4 views

UBUNTU-CVE-2026-23535

wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.2, the multi-translation download could write to an arbitrary location when instructed by a crafted server. This vulnerability is fixed in 1.17.2...

8CVSS5.9AI score0.00337EPSS
Exploits0References6
Snyk
Snyk
added 2026/01/16 4:58 p.m.6 views

Directory Traversal

Overview wlc is an A command-line utility for Weblate, translation tool with tight version control integration Affected versions of this package are vulnerable to Directory Traversal via unsanitized component slugs from the Weblate server during multi-translation downloads. An attacker can write...

8CVSS7.7AI score0.00337EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.10 views

WLC path traversal vulnerability

WLC is an open-source command-line client developed by Weblate. Versions of WLC prior to 1.17.2 contained a path traversal vulnerability. This vulnerability stemmed from the multi-translation download feature, which could write data to arbitrary locations based on instructions from a specially...

8CVSS5.9AI score0.00337EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.6 views

PT-2026-3302

Name of the Vulnerable Software and Affected Versions Weblate wlc versions prior to 1.17.2 Description The Weblate command-line client wlc, which uses Weblate's REST API, is susceptible to an arbitrary file write issue. A crafted server can instruct the multi-translation download functionality to...

8CVSS6AI score0.00337EPSS
Exploits0References23
Rows per page
Query Builder