icon

We found results for “

CVE-2025-49134

Good to know:

icon
icon

Date: June 16, 2025

Weblate is a web based localization tool. Prior to version 5.12, the audit log notifications included the full IP address of the acting user. This could be obtained by third-party servers such as SMTP relays, or spam filters. This issue has been patched in version 5.12.

Severity Score

Weakness Type (CWE)

Exposure of Private Personal Information to an Unauthorized Actor

CWE-359

Top Fix

icon

Upgrade Version

Upgrade to version weblate - 5.12.0;https://github.com/WeblateOrg/weblate.git - weblate-5.12

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): HIGH
User Interaction (UI): NONE
Scope (S): CHANGED
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): NONE

Do you need more information?

Contact Us