Vulnerability Database

308,681

Total vulnerabilities in the database

CVE-2025-58352

Weblate is a web based localization tool. Versions lower than 5.13.1 contain a vulnerability that causes long session expiry during the second factor verification. The long session expiry could be used to circumvent rate limiting of the second factor. This issue is fixed in version 5.13.1.

Published: Sep 4, 2025
Updated: Nov 17, 2025
CVE: CVE-2025-58352
GHSA: GHSA-377j-wj38-4728
Severity: Low
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

CWEs:

CWE-613

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
Weblate	-	5.13.1
weblate / weblate	-	5.13.1

https://github.com/WeblateOrg/weblate/commit/0b46fe596231dd456283ead66699ae5516f23908
https://github.com/WeblateOrg/weblate/pull/16002
https://github.com/WeblateOrg/weblate/security/advisories/GHSA-377j-wj38-4728

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo