Package impact
PIP / weblate
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41654 | high | 8.1 | 8.1 | 22d ago | Weblate Vulnerable to Authenticated SSRF via Project Backup Import bypassing validate_repo_url | |||
| CVE-2026-45106 | medium | — | 5.5 | 14d ago | Weblate: Stored HTML injection in editor search preview | |||
| CVE-2026-41519 | medium | 5.4 | 5.4 | 29d ago | Weblate Doesn't Invalidate API Token on Password Change | |||
| CVE-2026-44263 | medium | 4.3 | 4.3 | 22d ago | Weblate Vulnerable to Private Translation Enumeration via Screenshot API | |||
| CVE-2026-44264 | medium | 4.3 | 4.3 | 23d ago | Weblate vulnerable to XSS via crafted Markdown |