All 6 CVE vulnerabilities found in tolgee-platform, with AI-generated Chinese analysis, references, and POCs.
Vendor: tolgee
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-32251 | Tolgee has an XXE Injection in Translation Import CWE-611 | 6.5AI | MediumAI | 2026-03-12 |
| CVE-2024-52297 | Tolgee's configuration all configuration properties leaked in public configuration DTO CWE-200 | 9.8 | Critical | 2024-11-12 |
| CVE-2024-32470 | Tolgee' API keys created by server admin users bypass the permission check CWE-863 | 6.5 | Medium | 2024-04-18 |
| CVE-2024-32466 | Tolgee's API key scopes not checked when querying translation data CWE-862 | 2.7 | Low | 2024-04-18 |
| CVE-2023-41316 | HTML Injection with email in Tolgee CWE-79 | 5.5 | Medium | 2023-09-07 |
| CVE-2023-38510 | Tolgee Lacks Permission Check for API Key for some endpoints CWE-862 | 8.1 | High | 2023-07-27 |
All 6 known CVE vulnerabilities affecting tolgee-platform with full Chinese analysis, references, and POCs where available.