CVE-2025-64326 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2025-64326 Interim 1 1 2025-12-23T00:15:42Z current 2025-12-23T00:15:42Z 2025-12-23T00:15:42Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2025-64326 Weblate is a web based localization tool. In versions 5.14 and below, Weblate leaks the IP address of the project member inviting the user to the project in the audit log. The audit log includes IP addresses from admin-triggered actions, which can be viewed by invited users. This issue is fixed in version 5.14.1. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed weblate-5.14.3-1.1 weblate-5.14.3-1.1 as a component of openSUSE Tumbleweed Weblate is a web based localization tool. In versions 5.14 and below, Weblate leaks the IP address of the project member inviting the user to the project in the audit log. The audit log includes IP addresses from admin-triggered actions, which can be viewed by invited users. This issue is fixed in version 5.14.1. CVE-2025-64326 openSUSE Tumbleweed:weblate-5.14.3-1.1 low 3.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N