— PyPI
PYSEC-2017-42 · CVE-2017-5537, GHSA-j24g-gm76-j829 수정: 2023. 11. 8.
package
PyPI / weblate
pkg:pypi/weblate
— PyPI
PYSEC-2022-162 · BIT-weblate-2022-23915, CVE-2022-23915 수정: 2023. 12. 6.
— PyPI
PYSEC-2022-31 · BIT-weblate-2022-23915, CVE-2022-23915 수정: 2023. 12. 6.
— PyPI
PYSEC-2022-35 · BIT-weblate-2022-24710, CVE-2022-24710 수정: 2023. 12. 6.
LOW 3.5 PyPI
PYSEC-2025-230 · CVE-2025-64326, GHSA-gr35-vpx2-qxhc 수정: 2026. 5. 20.
MEDIUM 5.0 PyPI
PYSEC-2025-231 · CVE-2025-66407, GHSA-hfpv-mc5v-p9mm 수정: 2026. 5. 20.
MEDIUM 5.3 PyPI
PYSEC-2025-232 · CVE-2025-67492, GHSA-pj86-258h-qrvf 수정: 2026. 5. 20.
MEDIUM 4.3 PyPI
PYSEC-2025-233 · CVE-2025-67715, GHSA-3pmh-24wp-xpf4 수정: 2026. 5. 20.
HIGH 7.5 PyPI
PYSEC-2025-35 · CVE-2025-32021, GHSA-m67m-3p5g-cw9j 수정: 2026. 2. 5.
MEDIUM 4.3 PyPI
PYSEC-2026-152 · CVE-2026-33214, GHSA-mpf5-3vph-q75r 수정: 2026. 5. 20.
MEDIUM 6.8 PyPI
PYSEC-2026-153 · CVE-2026-33220, GHSA-mqph-7h49-hqfm 수정: 2026. 5. 20.
HIGH 8.0 PyPI
PYSEC-2026-154 · CVE-2026-33435, GHSA-558g-h753-6m33 수정: 2026. 5. 20.
HIGH 8.8 PyPI
PYSEC-2026-155 · CVE-2026-34393, GHSA-3382-gw9x-477v 수정: 2026. 5. 20.
MEDIUM 4.1 PyPI
PYSEC-2026-156 · CVE-2026-39845, GHSA-f8hv-g549-hwg2 수정: 2026. 5. 20.
HIGH 8.8 PyPI
GHSA-3382-gw9x-477v · CVE-2026-34393, PYSEC-2026-155 Weblate: Privilege escalation in the user API endpoint
수정: 2026. 5. 20.
MEDIUM 6.6 PyPI
GHSA-33fm-6gp7-4p47 · CVE-2026-24126 Weblate has an argument injection in management console
수정: 2026. 2. 22.
LOW PyPI
GHSA-377j-wj38-4728 · CVE-2025-58352 Weblate has a long session expiry when verifying second factor
수정: 2025. 9. 5.
HIGH 8.8 PyPI
GHSA-3872-f48p-pxqj · BIT-weblate-2022-23915, CVE-2022-23915 Improper Neutralization of Special Elements used in a Command ('Command Injection') in Weblate
수정: 2024. 11. 19.
LOW PyPI
GHSA-3g2f-4rjg-9385 · CVE-2026-21889 Weblate leaks information via screenshots
수정: 2026. 2. 3.
MEDIUM 4.3 PyPI
GHSA-3pmh-24wp-xpf4 · CVE-2025-67715, PYSEC-2025-233 Weblate has Systematic User and Project Enumeration via Broken Authorization in REST API (IDOR)
수정: 2026. 5. 20.
MEDIUM 5.3 PyPI
GHSA-4qqf-9m5c-w2c5 · CVE-2025-49134 Weblate exposes personal IP address via e-mail
수정: 2025. 7. 16.
HIGH 8.0 PyPI
GHSA-558g-h753-6m33 · CVE-2026-33435, PYSEC-2026-154 Weblate: Remote code execution during backup restoration
수정: 2026. 5. 20.
MEDIUM 4.9 PyPI
GHSA-57jg-m997-cx3q · CVE-2025-47951 Weblate lacks rate limiting when verifying second factor
수정: 2025. 6. 16.
MEDIUM 4.3 PyPI
GHSA-5cmv-3rc4-7279 · CVE-2026-44264 Weblate vulnerable to XSS via crafted Markdown
수정: 2026. 5. 8.
MEDIUM 5.0 PyPI
GHSA-5fhx-9jwj-867m · CVE-2026-33440 Weblate: Authenticated SSRF via redirect bypass of ALLOWED_ASSET_DOMAINS in screenshot URL uploads
수정: 2026. 4. 16.
MEDIUM 4.2 PyPI
GHSA-6j8j-4qp3-36p2 · CVE-2026-41519 Weblate Doesn't Invalidate API Token on Password Change
수정: 2026. 5. 8.
MEDIUM 5.4 PyPI
GHSA-6jp6-9rf9-gc66 · BIT-weblate-2022-24710, CVE-2022-24710 Cross-site Scripting in Weblate
수정: 2024. 11. 19.
MEDIUM 4.6 PyPI
GHSA-6wxc-8mgq-w26m · CVE-2026-45106 Weblate: Stored HTML injection in editor search preview
수정: 2026. 5. 15.
CRITICAL 9.1 PyPI
GHSA-8vcg-cfxj-p5m3 · CVE-2025-68398 Weblate is vulnerable to RCE through Git config file overwrite
수정: 2026. 2. 6.
MEDIUM PyPI
GHSA-cwcx-382v-8m9g · CVE-2026-41654 Weblate Vulnerable to Authenticated SSRF via Project Backup Import bypassing validate_repo_url
수정: 2026. 5. 8.
MEDIUM 4.1 PyPI
GHSA-f8hv-g549-hwg2 · CVE-2026-39845, PYSEC-2026-156 Weblate: SSRF via the webhook add-on using unprotected fetch_url()
수정: 2026. 5. 20.
MEDIUM 5.0 PyPI
GHSA-ffgh-3jrf-8wvh · CVE-2026-40256 Weblate: Prefix-Based Repository Boundary Check Bypass via Symlink/Junction Path Prefix Collision
수정: 2026. 4. 16.
HIGH 7.7 PyPI
GHSA-g925-f788-4jh7 · CVE-2025-68279 Weblate has an arbitrary file read via symbolic links
수정: 2025. 12. 20.
MEDIUM 4.3 PyPI
GHSA-gcg5-86jr-f7jg · CVE-2026-44263 Weblate Vulnerable to Private Translation Enumeration via Screenshot API
수정: 2026. 5. 8.
LOW 2.6 PyPI
GHSA-gr35-vpx2-qxhc · CVE-2025-64326, PYSEC-2025-126 Weblate leaks the IP of project member inviting user to be reviewer in Audit log
수정: 2026. 5. 20.
MEDIUM 5.0 PyPI
GHSA-hfpv-mc5v-p9mm · CVE-2025-66407, PYSEC-2025-231 Weblate has a Server-Side Request Forgery issue
수정: 2026. 5. 26.
HIGH 7.7 PyPI
GHSA-hv99-mxm5-q397 · CVE-2026-34242 Weblate: Arbitrary File Read via Symlink
수정: 2026. 4. 16.
MEDIUM 5.3 PyPI
GHSA-j24g-gm76-j829 · CVE-2017-5537, PYSEC-2017-42 Weblate user account enumeration via reset password form
수정: 2024. 11. 19.
MEDIUM 4.4 PyPI
GHSA-jfgp-674x-6q4p · CVE-2024-39303 Weblate vulnerable to improper sanitization of project backups
수정: 2024. 11. 21.
LOW 2.2 PyPI
GHSA-m67m-3p5g-cw9j · CVE-2025-32021, PYSEC-2025-35 VCS credentials included in URL parameters are potentially logged and saved into browser history as plaintext
수정: 2026. 2. 4.
LOW PyPI
GHSA-m6hq-f4w9-qrjj · CVE-2025-64725 Weblate has improper validation upon invitation acceptance
수정: 2025. 12. 17.
MEDIUM 4.3 PyPI
GHSA-mpf5-3vph-q75r · CVE-2026-33214, PYSEC-2026-152 Weblate: Improper access control for the translation memory in API
수정: 2026. 5. 20.
MEDIUM 6.8 PyPI
GHSA-mqph-7h49-hqfm · CVE-2026-33220, PYSEC-2026-153 Weblate: JavaScript localization CDN add-on allows arbitrary local file read outside the repository
수정: 2026. 5. 20.
MEDIUM 5.3 PyPI
GHSA-pj86-258h-qrvf · CVE-2025-67492, PYSEC-2025-232 Weblate's over‑permissive webhook endpoint enables mass repository updates and component enumeration
수정: 2026. 5. 20.
LOW 3.1 PyPI
GHSA-vj45-x3pj-f4w4 · CVE-2026-33212 Weblate: Improper access control for pending tasks in API
수정: 2026. 4. 16.
MEDIUM 4.3 PyPI
GHSA-wppc-7cq7-cgfv · CVE-2026-27457 Weblate: Missing access control for the AddonViewSet API exposes all addon configurations
수정: 2026. 2. 28.
MEDIUM 5.0 PyPI
GHSA-xrwr-fcw6-fmq8 · CVE-2026-34244 Weblate: SSRF via Project-Level Machinery Configuration
수정: 2026. 4. 16.