Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2026/02/04 3:15 a.m.7 views

CVE-2025-67478

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from before 1.39.14, 1.43.4, 1.44.1...

5.2AI score0.00304EPSS
Exploits0References1
NVD
NVD
added 2026/02/03 2:16 a.m.5 views

CVE-2025-61655

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files includes/ApiVisualEditorEdit.Php, modules/ve-mw/init/targets/ve.Init.Mw.DesktopArticleTarget.Js,...

6.1CVSS0.00144EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/03 1:14 a.m.5 views

EUVD-2025-206755

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from before 1.39.14, 1.43.4, 1.44.1...

5.3AI score0.00304EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/03 1:2 a.m.26 views

CVE-2025-61656 XSS when pasting into VE

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files src/ce/ve.Ce.ClipboardHandler.Js. This issue affects VisualEditor: from before 1.39.14, 1.43.4, 1.44.1...

0.00149EPSS
Exploits0References1
CVE
CVE
added 2026/02/03 1:2 a.m.26 views

CVE-2025-61656

CVE-2025-61656 is a cross-site scripting (XSS) vulnerability in Wikimedia Foundation VisualEditor, caused by improper input neutralization in ve.Ce.ClipboardHandler.Js. Affected products/versions: VisualEditor before 1.39.14, 1.43.4, and 1.44.1. Impact is primarily client-side, enabling script ex...

6.1CVSS5.2AI score0.00149EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/02/03 12:27 a.m.6 views

EUVD-2025-206638

Vulnerability in Wikimedia Foundation OATHAuth. This vulnerability is associated with program files src/Special/OATHManage.Php. This issue affects OATHAuth: from before 1.39.14, 1.43.4, 1.44.1...

5.3AI score0.00356EPSS
Exploits0References2
NVD
NVD
added 2026/02/03 12:16 a.m.6 views

CVE-2025-61642

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/CodexHTMLForm.Php, includes/htmlform/fields/HTMLButtonField.Php. This issue affects...

6.1CVSS0.0022EPSS
Exploits0References1
NVD
NVD
added 2026/02/03 12:16 a.m.6 views

CVE-2025-61636

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLButtonField.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4,...

4.8CVSS0.00211EPSS
Exploits0References1
NVD
NVD
added 2026/02/03 12:16 a.m.7 views

CVE-2025-61634

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Rest/Handler/PageHTMLHandler.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4, 1.44.1...

3.1CVSS0.00273EPSS
Exploits0References1
OSV
OSV
added 2026/02/03 12:16 a.m.3 views

UBUNTU-CVE-2025-61637

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Action/mediawiki.Action.Edit.Preview.Js, resources/src/mediawiki.Page.Preview.Js...

4.8CVSS5.8AI score0.00219EPSS
Exploits0References4
OSV
OSV
added 2026/02/03 12:16 a.m.5 views

UBUNTU-CVE-2025-61639

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/ManualLogEntry.Php, includes/recentchanges/RecentChangeFactory.Php, includes/recentchanges/RecentChangeStore.Php. This...

6.3CVSS5.8AI score0.0022EPSS
Exploits0References4
CVE
CVE
added 2026/02/03 12:11 a.m.17 views

CVE-2025-61646

CVE-2025-61646 affects Wikimedia Foundation MediaWiki via the includes/RecentChanges/EnhancedChangesList.Php component. Public notices (Debian/Ubuntu OSV) indicate multiple related CVEs in MediaWiki with fixes in Debian oldstable 1:1.39.17-1~deb12u1 and stable 1:1.43.6+dfsg-1~deb13u1; correspondi...

5.4CVSS5.3AI score0.00234EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.8 views

MediaWiki 安全漏洞

MediaWiki is a free and open-source wiki engine developed by the Wikimedia Foundation in the United States. This product can be used to deploy internal knowledge management and content management systems. Versions of MediaWiki prior to 1.39.14, 1.43.4, and 1.44.1 contain security vulnerabilities...

5.4CVSS5.8AI score0.00234EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.8 views

MediaWiki 安全漏洞

MediaWiki is a free and open-source web-based wiki engine developed by the Wikimedia Foundation in the United States. This product can be used to deploy internal knowledge management and content management systems. There are security vulnerabilities in versions of MediaWiki prior to 1.39.14,...

6.9CVSS5.8AI score0.00228EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.11 views

Wikimedia VisualEditor 安全漏洞

Wikimedia VisualEditor is a visual editor developed by the Wikimedia Foundation. Versions of Wikimedia VisualEditor prior to 1.39.14, 1.43.4, and 1.44.1 contained security vulnerabilities due to improper input handling, which could lead to cross-site scripting attacks...

6.1CVSS5.6AI score0.00144EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.8 views

MediaWiki 安全漏洞

MediaWiki is a free and open-source wiki engine developed by the Wikimedia Foundation in the United States. This product can be used to deploy internal knowledge management and content management systems. Versions of MediaWiki prior to 1.39.14, 1.43.4, and 1.44.1 contain security vulnerabilities...

4.8CVSS5.6AI score0.00219EPSS
Exploits0References1
CVE
CVE
added 2026/02/02 11:42 p.m.17 views

CVE-2025-61640

CVE-2025-61640 is a Cross-Site Scripting vulnerability in Wikimedia Foundation MediaWiki related to the file resources/src/mediawiki.Rcfilters/ui/RclToOrFromWidget.Js. It affects MediaWiki versions prior to 1.39.14, 1.43.4, and 1.44.1. The description in connected sources confirms an input handli...

4.8CVSS5.2AI score0.00218EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/02 11:33 p.m.3 views

CVE-2025-61643 EventStreams publishes suppressed recent change entries that are suppressed from their creation

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/recentchanges/RecentChangeRCFeedNotifier.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4, 1.44.1...

6.9CVSS5.3AI score0.00228EPSS
Exploits0References1
Rows per page
Query Builder