Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2026-23535
CVE-2026-23535
wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.2, the multi-translation download could write to an arbitrary location when instructed by a crafted server. This vulnerability is fixed in 1.17.2.
Published Jan 17, 2026
https://github.com/advisories/GHSA-mmwx-79f6-67jg
CVSS Score
High
8.1
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
pypi
wlc
0.10
pypi
wlc
0.1
pypi
wlc
0.2
pypi
wlc
0.3
pypi
wlc
0.4
pypi
wlc
0.5
pypi
wlc
0.6
pypi
wlc
0.7
pypi
wlc
0.8
pypi
wlc
0.9
pypi
wlc
1.0
pypi
wlc
1.10
pypi
wlc
1.11
pypi
wlc
1.12
pypi
wlc
1.13
pypi
wlc
1.14
pypi
wlc
1.15
pypi
wlc
1.16.1
pypi
wlc
1.17.0
pypi
wlc
1.17.1
pypi
wlc
1.1
pypi
wlc
1.2
pypi
wlc
1.3
pypi
wlc
1.4
pypi
wlc
1.5
pypi
wlc
1.6
pypi
wlc
1.7
pypi
wlc
1.8
pypi
wlc
1.9
1-29 of 29
CVE-2026-23535 | Components Impacted | Sonatype Guide | Sonatype Guide
