Lucene search
K

337 matches found

EUVD
EUVD
added 4 days ago7 views

EUVD-2026-41102

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in The Wikimedia Foundation Mediawiki - Cargo Extension allows SQL Injection. This issue affects Mediawiki - Cargo Extension: from before 1.43.9,1.44.6,1.45.4...

6.9CVSS5.8AI score0.00247EPSS
Exploits0References2
NVD
NVD
added 4 days ago6 views

CVE-2026-58036

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryAllUsers.Php, includes/Api/ApiQueryUsers.Php, includes/Permissions/PermissionManager.Php,...

2.1CVSS0.00239EPSS
Exploits0References1
NVD
NVD
added 4 days ago6 views

CVE-2026-58030

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation SyntaxHighlightGeSHi. This vulnerability is associated with program files includes/SyntaxHighlight.Php. This issue affects SyntaxHighlightGeSHi: from before 1.46.0,...

5.3CVSS0.0039EPSS
Exploits0References1
NVD
NVD
added 4 days ago14 views

CVE-2026-58029

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiChangeAuthenticationData.Php, includes/Api/ApiLinkAccount.Php, includes/Api/ApiRemoveAuthenticationData.Php, includes/Specials/SpecialLinkAccounts.Php,...

5.3CVSS0.00543EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago29 views

CVE-2026-58027 QueryAbuseFilter API can be used to see the hit count of private filters, which is hidden in the UI

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/Api/QueryAbuseFilters.Php. This issue affects AbuseFilter: from before 1.46.0, 1.45.4, 1.44.6, 1.43.9...

5.3CVSS0.00382EPSS
Exploits0References1
CVE
CVE
added 4 days ago9 views

CVE-2026-58027

CVE-2026-58027 affects Wikimedia Foundation AbuseFilter. The issue arises in the QueryAbuseFilters.Php API, allowing an unauthenticated actor to see the hit count of private filters, which is hidden in the UI. Affected are AbuseFilter versions before 1.46.0, 1.45.4, 1.44.6, and 1.43.9. The CVSS b...

5.3CVSS5.8AI score0.00382EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-58027

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/Api/QueryAbuseFilters.Php. This issue affects AbuseFilter: from before 1.46.0, 1.45.4, 1.44.6, 1.43.9...

5.3CVSS5.8AI score0.00382EPSS
Exploits0References2
CVE
CVE
added 4 days ago8 views

CVE-2026-13707

CVE-2026-13707 describes a session fixation vulnerability in Wikimedia Foundation OAuth, associated with the file src/Backend/MWOAuthServer.Php. Affected versions include OAuth implementations up to 1.46.0, 1.45.4, 1.44.6, and 1.43.9. The connected documents do not provide explicit root-cause det...

5.8AI score0.00255EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago5 views

CVE-2026-13707

Session fixation vulnerability in Wikimedia Foundation OAuth. This vulnerability is associated with program files src/Backend/MWOAuthServer.Php. This issue affects OAuth: from through 1.46.0, 1.45.4, 1.44.6, 1.43.9...

5.8AI score0.00255EPSS
Exploits0References2
CVE
CVE
added 4 days ago8 views

CVE-2026-13706

The CVE pertains to Wikimedia Foundation’s UrlShortener extension, specifically a vulnerability in the UrlShortenerUtils.Php implementation. The issue is improper input validation caused by a discrepancy between PHP’s URL parsing and WHATWG URL parsing, enabling bypassing of validation in the Url...

5.8AI score0.00278EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago5 views

CVE-2026-13706

Improper input validation vulnerability in Wikimedia Foundation UrlShortener. This vulnerability is associated with program files includes/UrlShortenerUtils.Php...

5.8AI score0.00278EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-41011

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser.TempAccounts/components/blockConnectedTempAccountsField.Vue. This issue affects...

5.8AI score0.00247EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.7 views

CVE-2026-39839

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7...

6.3CVSS5.4AI score0.00181EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/11 6:31 p.m.14 views

EUVD-2026-29108

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Page/Article.Php. This issue affects MediaWiki: from before 1.43.7, 1.44.4, 1.45.2...

2CVSS5.8AI score0.0017EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/11 6:31 p.m.13 views

EUVD-2026-29060

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This issue affects MediaWiki: from before 1.43.7, 1.44.4, 1.45.2...

5.3CVSS5.8AI score0.0029EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/11 6:31 p.m.11 views

EUVD-2026-29062

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation CheckUser. This issue affects CheckUser: from 1.45.0 before 1.45.2...

4.8CVSS5.8AI score0.0028EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/11 6:31 p.m.11 views

EUVD-2026-29061

Vulnerability in Wikimedia Foundation Scribunto. This issue affects Scribunto: from 1.45.0 before 1.45.2...

2.3CVSS5.8AI score0.00228EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/11 6:31 p.m.9 views

EUVD-2026-29058

Vulnerability in Wikimedia Foundation AbuseFilter. This issue affects AbuseFilter: from before 1.43.7, 1.44.4, 1.45.2...

2.1CVSS5.8AI score0.00244EPSS
Exploits0References2
CVE
CVE
added 2026/05/11 4:55 p.m.20 views

CVE-2026-5266

CVE-2026-5266 affects Wikimedia Foundation Echo, specifically the includes/Api/ApiEchoNotifications.Php component. The vulnerability allows exposure of sensitive information to an unauthorized actor and affects Echo versions before 1.43.7, 1.44.4, and 1.45.2. The Debian advisory notes the issue c...

2.3CVSS5.8AI score0.00247EPSS
Exploits0References1
NVD
NVD
added 2026/05/11 4:17 p.m.13 views

CVE-2026-34090

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation CheckUser. This issue affects CheckUser: from 1.45.0 before 1.45.2...

7.5CVSS0.0028EPSS
Exploits0References1
Rows per page
Query Builder