CVE-2026-50127: Weblate VCS_RESTRICT_PRIVATE IP Range Bypass (CVSS 5.9)
Weblate, a web-based localization platform, contained a network access control bypass in its VCS_RESTRICT_PRIVATE feature. Between versions 5.15 and before 2026.6, the feature failed to properly recognize certain IPv6 address ranges, IPv4 semi-private ranges, and multicast addresses as restricted. This allowed requests from those network addresses to bypass intended private-range restrictions, potentially enabling unauthorized access to internal resources or services that should have been isolated. The vulnerability has been resolved in version 2026.6.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 5.9 MEDIUM · CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
- Weaknesses (CWE)
- CWE-918
- Affected products
- 0 configuration(s)
- Published / Modified
- 2026-06-10 / 2026-06-17
NVD description (verbatim)
Weblate is a web based localization tool. From version 5.15 to before version 2026.6, Weblate's VCS_RESTRICT_PRIVATE did not properly account for some transitional IPv6 ranges, multicast addresses, or some semi-private IPv4 ranges, which allowed some addresses to bypass private range restrictions. This issue has been patched in version 2026.6.
3 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
The VCS_RESTRICT_PRIVATE mechanism in Weblate is designed to prevent version control system operations from addresses in private IP ranges—a common security control to isolate internal infrastructure. The implementation incorrectly classified certain address families as external when they should have been treated as restricted. Specifically, the vulnerability affects transitional IPv6 ranges (such as IPv4-mapped IPv6 addresses and other legacy bridging mechanisms), IPv6 multicast and anycast ranges, and semi-private IPv4 ranges that fall outside the standard RFC 1918 private blocks (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16). An attacker could craft requests using these overlooked address ranges to circumvent the intended isolation, potentially accessing backend services or triggering unintended VCS operations. The underlying flaw is a logic error in IP range validation (CWE-918: Server-Side Request Forgery).
Business impact
Organizations using Weblate in environments where VCS_RESTRICT_PRIVATE is relied upon for security isolation face elevated risk of unauthorized access to version control systems or related backend infrastructure. If Weblate is deployed in a hybrid or cloud environment where network boundaries are porous, or where it sits adjacent to other critical systems, an attacker could leverage these overlooked IP ranges to bypass intended restrictions and potentially exfiltrate source code, modify translations maliciously, or trigger downstream build and deployment pipelines. The impact is most acute for teams treating the private-range restriction as a primary security boundary rather than one layer of defense.
Affected systems
Weblate versions 5.15 through 2026.5 (inclusive) are affected. The vulnerability does not apply to versions before 5.15 or version 2026.6 and later. Affected installations must be running one of these intermediate versions with VCS_RESTRICT_PRIVATE enabled. Verify your installed version by checking the Weblate admin interface or deployment logs.
Exploitability
Exploitation requires network-layer access to reach the Weblate instance and knowledge of the VCS_RESTRICT_PRIVATE configuration. The attacker must craft requests using one of the overlooked IP ranges (specific transitional IPv6 blocks, multicast ranges, or semi-private IPv4 ranges). The CVSS score of 5.9 (Medium) reflects that while the attack vector is network-accessible and requires no authentication or user interaction, the conditions are somewhat specialized—the attacker must be aware of and able to originate traffic from the specific unfiltered ranges. This is not an easy, widespread exploit, but is feasible for determined adversaries in positions to influence network routing or source addresses.
Remediation
Upgrade Weblate to version 2026.6 or later. This release corrects the IP range validation logic to properly recognize all transitional IPv6 ranges, multicast addresses, and semi-private IPv4 ranges. There are no known workarounds for prior versions; patching is the recommended mitigation. Organizations unable to patch immediately should implement network-level controls (firewall rules, WAF policies, or reverse-proxy filters) to restrict access to the Weblate instance to known trusted networks.
Patch guidance
Weblate administrators should update to version 2026.6 via the standard upgrade process documented in the Weblate deployment guide. The patch modifies the VCS_RESTRICT_PRIVATE validation function to use a comprehensive allowlist of restricted IPv6 and IPv4 ranges, including RFC 4291 transitional formats, link-local and multicast blocks, and semi-private ranges beyond RFC 1918. Test the upgrade in a staging environment first to ensure no integration regressions with your VCS backend (Git, Mercurial, etc.). After upgrade, verify that the private-range filtering is functioning by reviewing Weblate's access logs and confirming that requests from the previously overlooked ranges are now blocked or logged.
Detection guidance
Monitor Weblate access logs and version control system audit trails for unusual request patterns originating from unusual IP addresses—particularly those in IPv6 ranges (fe80::/10 link-local, ff00::/8 multicast, 2001:db8::/32 documentation), IPv4 ranges like 169.254.0.0/16 (link-local), 100.64.0.0/10 (shared address space), or 240.0.0.0/4 (reserved). Look for VCS operations (clone, push, pull, commit) that correlate with these addresses and do not correspond to known internal infrastructure. If you maintain network flow data, search for outbound connections from Weblate instances to backend version control servers with source addresses in these ranges. Check Weblate's application logs for any errors or unusual behavior around the VCS_RESTRICT_PRIVATE feature itself.
Why prioritize this
This vulnerability merits prompt but not emergency remediation. The CVSS score is Medium (5.9), and real-world exploitation requires both network-layer sophistication and specific knowledge of the feature and overlooked ranges. However, if your Weblate instance serves as a gateway to sensitive source code or is positioned in a trust boundary, upgrade sooner. Organizations in fully airgapped or strictly controlled network environments face lower practical risk. Prioritize this alongside other medium-severity patches in your regular cycle, but don't delay beyond the next quarterly patch window.
Risk score, explained
CVSS 5.9 (Medium) reflects a network-accessible vulnerability (AV:N) that requires high complexity to exploit (AC:H)—the attacker must identify and originate traffic from specific overlooked IP ranges. No authentication or user interaction is required (PR:N, UI:N). The impact scope is unchanged (S:U), and confidentiality impact is high (C:H) because an attacker could read or clone sensitive repositories. Integrity and availability impacts are rated as none (I:N, A:N) under the base CVSS model, though in practice, malicious VCS operations could affect both. The AC:H factor is the main reason this is Medium rather than High; real-world attack surface is limited to organizations and network topologies where the attacker can source or route traffic through those specific address ranges.
Frequently asked questions
Do I need to update if VCS_RESTRICT_PRIVATE is disabled in my Weblate configuration?
No, this vulnerability only affects instances where VCS_RESTRICT_PRIVATE is explicitly enabled. If you have disabled the feature or never configured it, you are not exposed. However, we recommend reviewing your network access policies to version control systems regardless, as other controls may be necessary.
What are 'semi-private' and 'transitional' IPv6 ranges, and why are they a risk here?
Semi-private IPv4 ranges (like 100.64.0.0/10, used for carrier-grade NAT) and transitional IPv6 ranges (like ::ffff:0:0/96, used to map IPv4 addresses into IPv6 space) are used in modern networks but are often overlooked in security filters because they're not as well-known as RFC 1918 private ranges. An attacker able to send traffic with a source address in one of these ranges could convince Weblate to treat it as 'private' and therefore trusted, when it shouldn't be.
Can I patch Weblate without downtime?
This depends on your deployment model. If you run Weblate in a container or use a blue-green deployment strategy, patching can often be performed with zero or minimal downtime. If you run a single-instance traditional server, plan for a brief service window. Review the Weblate upgrade guide and test the process in staging before applying to production.
Is there a way to temporarily mitigate this without upgrading?
Implement firewall or reverse-proxy rules to restrict network access to your Weblate instance to known trusted networks only. A WAF can also be configured to block requests with source IPs from the problematic ranges (IPv6 fe80::/10, ff00::/8; IPv4 169.254.0.0/16, 100.64.0.0/10, 240.0.0.0/4). This is not a substitute for patching but reduces attack surface while you plan your upgrade.
This analysis is provided for informational purposes by SEC.co and reflects information available as of the publication and modification dates listed. While we strive for accuracy, we make no warranty regarding the completeness or timeliness of the vulnerability details, patch status, or vendor responses. Organizations should verify patch availability and applicability directly with Weblate's official release notes and security advisories. This is not legal or compliance advice. Consult your security and legal teams regarding patch management obligations and timelines specific to your environment and industry. Source: NVD (public-domain), retrieved 2026-07-19. Analysis generated by SEC.co (claude-haiku-4-5).
Weaknesses (CWE)
Related vulnerabilities
- CVE-2026-10052MEDIUMQuay SSRF in LDAP/SMTP Validation—Internal Network Reconnaissance Risk
- CVE-2026-10177MEDIUMSSRF in Aider-AI Aider 0.86.3 AWS Metadata Endpoint
- CVE-2026-10239MEDIUMJeecgBoot Server-Side Request Forgery (SSRF) in Word Editing Module
- CVE-2026-10240MEDIUMJeecgBoot SSRF Vulnerability in /airag/airagModel/test Endpoint
- CVE-2026-10241MEDIUMJimuReport SSRF in File Download Function – Patch to 3.9.2
- CVE-2026-10274MEDIUMServer-Side Request Forgery in aem-mcp-server
- CVE-2026-10276MEDIUMJenkins-server-mcp SSRF Vulnerability (0.1.0)
- CVE-2026-10517MEDIUMClair SSRF Vulnerability – Unfiltered HTTP Requests Leak Metadata