SUSE CVE-2026-33440

Weblate is a web based localization tool. In versions prior to 5.17, the ALLOWEDASSETDOMAINS setting applied only to the first issued requests and didn't restrict possible redirects. This issue has been fixed in version 5.17...

EUVD-2026-23018

Weblate: SSRF via the webhook add-on using unprotected fetchurl...

CVE-2026-33214 Weblate has improper access control for the translation memory API

Weblate is a web based localization tool. In versions prior to 5.17, the translation memory API exposed unintended endpoints, which in turn didn't enforce proper access control. This issue has been fixed in version 5.17. If users are unable to update immediately, they can work around this issue b...

CVE-2026-21889

Weblate is a web based localization tool. Prior to 5.15.2, the screenshot images were served directly by the HTTP server without proper access control. This could allow an unauthenticated user to access screenshots after guessing their filename. This vulnerability is fixed in 5.15.2...

Improper Certificate Validation

Overview wlc is an A command-line utility for Weblate, translation tool with tight version control integration Affected versions of this package are vulnerable to Improper Certificate Validation in the SSL verification process. An attacker can intercept sensitive information by crafting malicious...

EUVD-2024-2373

Malicious code in bioql PyPI...