{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T00:51:59.377","vulnerabilities":[{"cve":{"id":"CVE-2026-23535","sourceIdentifier":"security-advisories@github.com","published":"2026-01-16T19:16:19.407","lastModified":"2026-02-18T16:26:25.577","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.2, the multi-translation download could write to an arbitrary location when instructed by a crafted server. This vulnerability is fixed in 1.17.2."},{"lang":"es","value":"wlc es un cliente de línea de comandos de Weblate que utiliza la API REST de Weblate. Antes de la versión 1.17.2, la descarga de múltiples traducciones podría escribir en una ubicación arbitraria cuando era instruida por un servidor malicioso. Esta vulnerabilidad está corregida en la versión 1.17.2."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":6.0}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:weblate:wlc:*:*:*:*:*:*:*:*","versionEndExcluding":"1.17.2","matchCriteriaId":"FE9E9EAB-FA37-452C-8726-AC707E423550"}]}]}],"references":[{"url":"https://github.com/WeblateOrg/wlc/commit/216e691c6e50abae97fe2e4e4f21501bf49a585f","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/WeblateOrg/wlc/pull/1128","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/WeblateOrg/wlc/releases/tag/1.17.2","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/WeblateOrg/wlc/security/advisories/GHSA-mmwx-79f6-67jg","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory","Mitigation"]}]}}]}