Product
tolgee
6 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-32251
CVE-2024-52297
CVE-2024-32470
CVE-2024-32466
CVE-2023-41316
CVE-2023-38510
< 3.166.3
Tolgee is an open-source localization platform. Prior to 3.166.3, the XML parsers used for importing Android XML resources (.xml)
all versions
Tolgee is an open-source localization platform. Tolgee 3.81.1 included the all configuration properties in the PublicConfiguratioD
>= 3.57.2 and < 3.57.4
Tolgee is an open-source localization platform. When API key created by admin user is used it bypasses the permission check at all
< 3.57.2
Tolgee is an open-source localization platform. For the
/v2/projects/translations and /v2/projects/{projectId}/translations en< 3.29.2
Tolgee is an open-source localization platform. Due to lack of validation field - Org Name, bad actor can send emails with HTML in
>= 3.14.0 and < 3.23.1
Tolgee is an open-source localization platform. Starting in version 3.14.0 and prior to version 3.23.1, when a request is made usi