Home

Description

Weblate is a web based localization tool. In versions prior to 5.17, the user patching API endpoint didn't properly limit the scope of edits. This issue has been fixed in version 5.17.

PUBLISHED Reserved 2026-03-27 | Published 2026-04-15 | Updated 2026-04-15 | Assigner GitHub_M




HIGH: 8.8CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-269: Improper Privilege Management

Product status

< 5.17
affected

References

github.com/...eblate/security/advisories/GHSA-3382-gw9x-477v

github.com/WeblateOrg/weblate/pull/18687

cve.org (CVE-2026-34393)

nvd.nist.gov (CVE-2026-34393)

Download JSON