CVE-2025-32021
CVE-2025-32021 concerns Weblate before 5.11, where creating a new component from an existing one could leak VCS credentials. If the source repository URL is present in settings, that URL is carried in client URL parameters during creation; credentials such as GitHub PATs and usernames could appea...