CVE-2026-34242 | weblate up to 5.16 path traversal (GHSA-hv99-mxm5-q397)

April 16, 2026 Yanac

A vulnerability identified as critical has been detected in weblate up to 5.16. Affected is an unknown function. Performing a manipulation results in path traversal.

This vulnerability is reported as CVE-2026-34242. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More

CVE-2026-34244 | weblate up to 5.16 Error Message WEBLATE_MACHINERY server-side request forgery (GHSA-xrwr-fcw6-fmq8)
CVE-2026-33440 | weblate up to 5.16 Setting ALLOWED_ASSET_DOMAINS server-side request forgery (GHSA-5fhx-9jwj-867m)