Vulnerabilities

CVE-2025-67492

by Fred · 16/12/2025

Weblate is a web based localization tool. In versions prior to 5.15, it was possible to trigger repository updates for many repositories via a crafted webhook payload. Version 5.15 fixes the issue. As a workaround, disabling webhooks completely using ENABLE_HOOKS avoids this vulnerability.

More information : https://github.com/WeblateOrg/weblate/pull/17221

Similar

Tags: Cybersecurity Alert