{"vulnerability": "cve-2026-41654", "sightings": [{"uuid": "6b8b8eb1-3fe9-4f0c-bc35-db8fbe79a5d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41654", "type": "seen", "source": "https://bsky.app/profile/releaseport.com/post/3mkqjcrmycr2v", "content": "weblate weblate-5.17.1 patches CVE-2026-41654\nPassword changes auto-regenerate API keys; integrations break unless you reconfigure.\nUpgrade carefully.\n\n\u2192 releaseport.com/r/weblateorg-weblate/weblate-5-17-1", "creation_timestamp": "2026-04-30T21:05:05.230471Z"}, {"uuid": "eae3007f-9503-43e8-837a-9cc554b1ff94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41654", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlbu3j75fy2k", "content": "CVE-2026-41654 - Weblate is Vulnerable to Authenticated SSRF via Project Backup Import bypassing validate_repo_url\nCVE ID : CVE-2026-41654\n \n Published : May 7, 2026, 3:16 p.m. | 1\u00a0hour, 9\u00a0minutes ago\n \n Description : Weblate is a web based localization tool. Prior to version ...", "creation_timestamp": "2026-05-07T18:33:13.445378Z"}]}