Home > Vulnerability Database > CVE-2026-22250

Mend.io Vulnerability Database

CVE-2026-22250

Good to know:

Date: January 12, 2026

wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.0, the SSL verification would be skipped for some crafted URLs. This vulnerability is fixed in 1.17.0.

Severity Score

2.5

Related Resources (6)

Url: https://github.com/WeblateOrg/wlc

Url: https://nvd.nist.gov/vuln/detail/CVE-2026-22250

Url: https://github.com/WeblateOrg/wlc/commit/a513864ec4daad00146e6d6e039559726e256fa3

Url: https://github.com/WeblateOrg/wlc/pull/1097

Url: https://github.com/WeblateOrg/wlc/security/advisories/GHSA-2mmv-7rrp-g8xh

Url: https://www.mend.io/vulnerability-database/CVE-2026-22250

Severity Score

2.5

Weakness Type (CWE)

Improper Certificate Validation

CWE-295

Top Fix

Upgrade Version

Upgrade to version wlc - 1.17.0;https://github.com/WeblateOrg/wlc.git - 1.17.0

Learn More

CVSS v3.1

Base Score:	2.5
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	HIGH
Privileges Required (PR):	LOW
User Interaction (UI):	REQUIRED
Scope (S):	CHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2026-22250

Good to know:

Date: January 12, 2026

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?