EUVD-2026-29108

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Page/Article.Php. This issue affects MediaWiki: from before 1.43.7, 1.44.4, 1.45.2...

CVE-2026-34095

CVE-2026-34095 is a MediaWiki vulnerability affecting systems running before 1.43.7, 1.44.4, or 1.45.2, with the issue tied to the core files includes/Actions/ActionEntryPoint.Php and includes/Request/FauxResponse.Php. The connected advisories identify this CVE among a set of MediaWiki flaws and ...

CVE-2026-34086

Vulnerability in Wikimedia Foundation AbuseFilter. This issue affects AbuseFilter: from before 1.43.7, 1.44.4, 1.45.2...

CVE-2026-34088 RecentChanges entries expose suppressed content via generated log page html

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This issue affects MediaWiki: from before 1.43.7, 1.44.4, 1.45.2...

MediaWiki 安全漏洞

MediaWiki is a free and open-source wiki engine developed by the Wikimedia Foundation in the United States. This product can be used to deploy internal knowledge management and content management systems. Versions of MediaWiki prior to 1.43.7, 1.44.4, and 1.45.2 contain security vulnerabilities...

CVE-2026-39934 Growth Experiments ReassignMenteesJob runs as an infinite loop

Loop with unreachable exit condition 'infinite loop' vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Leveraging Time-of-Check and Time-of-Use TOCTOU Race Conditions. This issue was remediated only on the master branch...

EUVD-2026-19851

Improper neutralization of alternate XSS syntax vulnerability in The Wikimedia Foundation Mediawiki - Wikilove Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - Wikilove Extension: 1.43.7, 1.44.4, 1.45.2...

CVE-2026-22711

Improper neutralization of alternate XSS syntax vulnerability in The Wikimedia Foundation Mediawiki - Wikilove Extension allows Cross-Site Scripting XSS.The issue has been remediated on the master branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1.45...

CVE-2026-5762 ReportIncident DiscussionTools integration causes slow requests

Allocation of resources without limits or throttling vulnerability in Wikimedia Foundation MediaWiki - ReportIncident Extension allows HTTP DoS. This issue was remediated only on the master branch...

CVE-2026-22711

Improper neutralization of alternate XSS syntax vulnerability in The Wikimedia Foundation Mediawiki - Wikilove Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - Wikilove Extension: 1.43.7, 1.44.4, 1.45.2...

PT-2026-30974

Improper neutralization of alternate XSS syntax vulnerability in The Wikimedia Foundation Mediawiki - Wikilove Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - Wikilove Extension: 1.43.7, 1.44.4, 1.45.2...

MediaWiki - WikiLove Extension 安全漏洞

MediaWiki – WikiLove Extension is an extension to MediaWiki that promotes the spirit of love and care in wikis. Versions 1.43.7, 1.44.4, and 1.45.2 of MediaWiki – WikiLove Extension contain security vulnerabilities. These vulnerabilities stem from improper neutralization of alternative XSS syntax...

PT-2026-31044

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - CampaignEvents Extension: 1.43.7, 1.44.4, 1.45.2...