CNNVD-202601-1823 Information

CNNVD ID

CNNVD-202601-1823

Related CVE

CVE-2026-22251

• CNNVD Published: 2026-01-12

Description (Chinese)

wlc是Weblate开源的一个命令行客户端。 wlc 1.17.0之前版本存在信息泄露漏洞，该漏洞源于支持在设置中提供未限定范围的API密钥，可能导致API密钥泄露到不同的服务器。

Description (English)

wlc is a command line client of the Weblate Open Source. There is an information leak loophole in the pre-wilc 1.17.0, which arises from support for the undefined API key in the settings, which could lead to the leaking of the API key to different servers.

Hazard Level

High

Vulnerability Type

信息泄露

Affected Vendor

Weblate

Published

2026-01-12

Last Modified

2026-02-24

References

https://github.com/WeblateOrg/wlc/commit/aafdb507a9e66574ade1f68c50c4fe75dbe80797 https://github.com/WeblateOrg/wlc/pull/1098 https://github.com/WeblateOrg/wlc/security/advisories/GHSA-9rp8-h4g8-8766

Patch

https://weblate.org/zh-hans/download/