PT-2025-51315 · Weblate · Weblate

Nahid0X

·

Published

2025-12-15

·

Updated

2025-12-21

·

CVE-2025-64725

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Weblate versions prior to 5.15
Description Weblate is a web-based localization tool. Versions prior to 5.15 allowed accepting an invitation opened by a different user.
Recommendations Update to version 5.15 or later. As a workaround, avoid leaving Weblate sessions with an invitation opened unattended.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-286

Related Identifiers

CVE-2025-64725
GHSA-M6HQ-F4W9-QRJJ

Affected Products

Weblate