Browse all 6 CVE security advisories affecting tolgee. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-32251 | Tolgee has an XXE Injection in Translation Import — tolgee-platformCWE-611 | 6.5AI | MediumAI | 2026-03-12 |
| CVE-2024-52297 | Tolgee's configuration all configuration properties leaked in public configuration DTO — tolgee-platformCWE-200 | 9.8 | Critical | 2024-11-12 |
| CVE-2024-32470 | Tolgee' API keys created by server admin users bypass the permission check — tolgee-platformCWE-863 | 6.5 | Medium | 2024-04-18 |
| CVE-2024-32466 | Tolgee's API key scopes not checked when querying translation data — tolgee-platformCWE-862 | 2.7 | Low | 2024-04-18 |
| CVE-2023-41316 | HTML Injection with email in Tolgee — tolgee-platformCWE-79 | 5.5 | Medium | 2023-09-07 |
| CVE-2023-38510 | Tolgee Lacks Permission Check for API Key for some endpoints — tolgee-platformCWE-862 | 8.1 | High | 2023-07-27 |
This page lists every published CVE security advisory associated with tolgee. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.