{"url":"http://public2.vulnerablecode.io/api/packages/107464?format=json","purl":"pkg:deb/debian/wlc@1.13-2?distro=trixie","type":"deb","namespace":"debian","name":"wlc","version":"1.13-2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.17.2-1","latest_non_vulnerable_version":"2.0.0-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83476?format=json","vulnerability_id":"VCID-1zb2-dfsm-hubf","summary":"wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.0, the SSL verification would be skipped for some crafted URLs. This vulnerability is fixed in 1.17.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22250","reference_id":"","reference_type":"","scores":[{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00117","published_at":"2026-06-12T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00118","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22250"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22250","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22250"},{"reference_url":"https://github.com/WeblateOrg/wlc","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/WeblateOrg/wlc"},{"reference_url":"https://github.com/WeblateOrg/wlc/pull/1097","reference_id":"1097","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-12T18:05:29Z/"}],"url":"https://github.com/WeblateOrg/wlc/pull/1097"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125440","reference_id":"1125440","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125440"},{"reference_url":"https://github.com/WeblateOrg/wlc/commit/a513864ec4daad00146e6d6e039559726e256fa3","reference_id":"a513864ec4daad00146e6d6e039559726e256fa3","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-12T18:05:29Z/"}],"url":"https://github.com/WeblateOrg/wlc/commit/a513864ec4daad00146e6d6e039559726e256fa3"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22250","reference_id":"CVE-2026-22250","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22250"},{"reference_url":"https://github.com/advisories/GHSA-2mmv-7rrp-g8xh","reference_id":"GHSA-2mmv-7rrp-g8xh","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2mmv-7rrp-g8xh"},{"reference_url":"https://github.com/WeblateOrg/wlc/security/advisories/GHSA-2mmv-7rrp-g8xh","reference_id":"GHSA-2mmv-7rrp-g8xh","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-12T18:05:29Z/"}],"url":"https://github.com/WeblateOrg/wlc/security/advisories/GHSA-2mmv-7rrp-g8xh"},{"reference_url":"https://usn.ubuntu.com/7981-1/","reference_id":"USN-7981-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7981-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/107467?format=json","purl":"pkg:deb/debian/wlc@1.17.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wlc@1.17.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107466?format=json","purl":"pkg:deb/debian/wlc@2.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wlc@2.0.0-1%3Fdistro=trixie"}],"aliases":["CVE-2026-22250","GHSA-2mmv-7rrp-g8xh"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1zb2-dfsm-hubf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66928?format=json","vulnerability_id":"VCID-d9t4-syt6-pfew","summary":"wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.2, the multi-translation download could write to an arbitrary location when instructed by a crafted server. This vulnerability is fixed in 1.17.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23535","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05045","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05042","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23535"},{"reference_url":"https://github.com/WeblateOrg/wlc","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/WeblateOrg/wlc"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125755","reference_id":"1125755","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125755"},{"reference_url":"https://github.com/WeblateOrg/wlc/pull/1128","reference_id":"1128","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-16T19:20:47Z/"}],"url":"https://github.com/WeblateOrg/wlc/pull/1128"},{"reference_url":"https://github.com/WeblateOrg/wlc/releases/tag/1.17.2","reference_id":"1.17.2","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-16T19:20:47Z/"}],"url":"https://github.com/WeblateOrg/wlc/releases/tag/1.17.2"},{"reference_url":"https://github.com/WeblateOrg/wlc/commit/216e691c6e50abae97fe2e4e4f21501bf49a585f","reference_id":"216e691c6e50abae97fe2e4e4f21501bf49a585f","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-16T19:20:47Z/"}],"url":"https://github.com/WeblateOrg/wlc/commit/216e691c6e50abae97fe2e4e4f21501bf49a585f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23535","reference_id":"CVE-2026-23535","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23535"},{"reference_url":"https://github.com/advisories/GHSA-mmwx-79f6-67jg","reference_id":"GHSA-mmwx-79f6-67jg","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mmwx-79f6-67jg"},{"reference_url":"https://github.com/WeblateOrg/wlc/security/advisories/GHSA-mmwx-79f6-67jg","reference_id":"GHSA-mmwx-79f6-67jg","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-16T19:20:47Z/"}],"url":"https://github.com/WeblateOrg/wlc/security/advisories/GHSA-mmwx-79f6-67jg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/107467?format=json","purl":"pkg:deb/debian/wlc@1.17.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wlc@1.17.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107466?format=json","purl":"pkg:deb/debian/wlc@2.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wlc@2.0.0-1%3Fdistro=trixie"}],"aliases":["CVE-2026-23535","GHSA-mmwx-79f6-67jg"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d9t4-syt6-pfew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70624?format=json","vulnerability_id":"VCID-h1mu-dj8m-mfdm","summary":"wlc is a Weblate command-line client using Weblate's REST API. Prior to version 2.0.0, the HTML output format in wlc embeds API response data into HTML without escaping, allowing cross-site scripting when the output is rendered in a browser. This issue has been patched in version 2.0.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42150","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12064","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12157","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42150"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42150","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42150"},{"reference_url":"https://github.com/WeblateOrg/wlc","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/WeblateOrg/wlc"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42150","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42150"},{"reference_url":"https://github.com/WeblateOrg/wlc/commit/0f3e58f6d7457b05d48ef40f579a172c4c8b8469","reference_id":"0f3e58f6d7457b05d48ef40f579a172c4c8b8469","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:32:14Z/"}],"url":"https://github.com/WeblateOrg/wlc/commit/0f3e58f6d7457b05d48ef40f579a172c4c8b8469"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136000","reference_id":"1136000","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136000"},{"reference_url":"https://github.com/WeblateOrg/wlc/pull/1327","reference_id":"1327","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:32:14Z/"}],"url":"https://github.com/WeblateOrg/wlc/pull/1327"},{"reference_url":"https://github.com/WeblateOrg/wlc/releases/tag/2.0.0","reference_id":"2.0.0","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:32:14Z/"}],"url":"https://github.com/WeblateOrg/wlc/releases/tag/2.0.0"},{"reference_url":"https://github.com/advisories/GHSA-gx2m-mcc2-r4p3","reference_id":"GHSA-gx2m-mcc2-r4p3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gx2m-mcc2-r4p3"},{"reference_url":"https://github.com/WeblateOrg/wlc/security/advisories/GHSA-gx2m-mcc2-r4p3","reference_id":"GHSA-gx2m-mcc2-r4p3","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:32:14Z/"}],"url":"https://github.com/WeblateOrg/wlc/security/advisories/GHSA-gx2m-mcc2-r4p3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/107466?format=json","purl":"pkg:deb/debian/wlc@2.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wlc@2.0.0-1%3Fdistro=trixie"}],"aliases":["CVE-2026-42150","GHSA-gx2m-mcc2-r4p3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h1mu-dj8m-mfdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83846?format=json","vulnerability_id":"VCID-js9r-1mx5-y3ez","summary":"wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.0, wlc supported providing unscoped API keys in the setting. This practice was discouraged for years, but the code was never removed. This might cause the API key to be leaked to different servers.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22251","reference_id":"","reference_type":"","scores":[{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00134","published_at":"2026-06-12T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00135","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22251"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22251","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22251"},{"reference_url":"https://github.com/WeblateOrg/wlc","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/WeblateOrg/wlc"},{"reference_url":"https://github.com/WeblateOrg/wlc/pull/1098","reference_id":"1098","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-12T18:43:08Z/"}],"url":"https://github.com/WeblateOrg/wlc/pull/1098"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125441","reference_id":"1125441","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125441"},{"reference_url":"https://github.com/WeblateOrg/wlc/commit/aafdb507a9e66574ade1f68c50c4fe75dbe80797","reference_id":"aafdb507a9e66574ade1f68c50c4fe75dbe80797","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-12T18:43:08Z/"}],"url":"https://github.com/WeblateOrg/wlc/commit/aafdb507a9e66574ade1f68c50c4fe75dbe80797"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22251","reference_id":"CVE-2026-22251","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22251"},{"reference_url":"https://github.com/advisories/GHSA-9rp8-h4g8-8766","reference_id":"GHSA-9rp8-h4g8-8766","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9rp8-h4g8-8766"},{"reference_url":"https://github.com/WeblateOrg/wlc/security/advisories/GHSA-9rp8-h4g8-8766","reference_id":"GHSA-9rp8-h4g8-8766","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-12T18:43:08Z/"}],"url":"https://github.com/WeblateOrg/wlc/security/advisories/GHSA-9rp8-h4g8-8766"},{"reference_url":"https://usn.ubuntu.com/7981-1/","reference_id":"USN-7981-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7981-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/107467?format=json","purl":"pkg:deb/debian/wlc@1.17.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wlc@1.17.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107466?format=json","purl":"pkg:deb/debian/wlc@2.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wlc@2.0.0-1%3Fdistro=trixie"}],"aliases":["CVE-2026-22251","GHSA-9rp8-h4g8-8766"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-js9r-1mx5-y3ez"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wlc@1.13-2%3Fdistro=trixie"}