Lucene search
+L

343 matches found

euvd
euvd
added 2026/07/01 5:30 p.m.9 views

EUVD-2026-41102

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in The Wikimedia Foundation Mediawiki - Cargo Extension allows SQL Injection. This issue affects Mediawiki - Cargo Extension: from before 1.43.9,1.44.6,1.45.4...

6.9CVSS5.8AI score0.00283EPSS
Exploits0References2
osv
osv
added 2026/07/01 4:16 p.m.4 views

CVE-2026-8857

A vulnerability in Wikimedia Foundation timeline. This vulnerability is associated with program files scripts/EasyTimeline.Pl, includes/Timeline.Php. This issue affects timeline: from before 1.46.0, 1.45.4, 1.44.6, 1.43.9...

8.8CVSS6.1AI score
Exploits0References1
nvd
nvd
added 2026/07/01 4:16 p.m.40 views

CVE-2026-58029

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiChangeAuthenticationData.Php, includes/Api/ApiLinkAccount.Php, includes/Api/ApiRemoveAuthenticationData.Php, includes/Specials/SpecialLinkAccounts.Php,...

6.5CVSS0.00351EPSS
Exploits0References1
nvd
nvd
added 2026/07/01 4:16 p.m.10 views

CVE-2026-58036

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryAllUsers.Php, includes/Api/ApiQueryUsers.Php, includes/Permissions/PermissionManager.Php,...

7.5CVSS0.00243EPSS
Exploits0References1
nvd
nvd
added 2026/07/01 4:16 p.m.8 views

CVE-2026-58030

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation SyntaxHighlightGeSHi. This vulnerability is associated with program files includes/SyntaxHighlight.Php. This issue affects SyntaxHighlightGeSHi: from before 1.46.0,...

6.1CVSS0.0027EPSS
Exploits0References1
osv
osv
added 2026/07/01 3:17 p.m.3 views

UBUNTU-CVE-2026-58035

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Block/SpecialBlock.Vue...

4.8CVSS5.8AI score0.00142EPSS
Exploits0References4
cvelist
cvelist
added 2026/07/01 3:1 p.m.32 views

CVE-2026-58027 QueryAbuseFilter API can be used to see the hit count of private filters, which is hidden in the UI

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/Api/QueryAbuseFilters.Php. This issue affects AbuseFilter: from before 1.46.0, 1.45.4, 1.44.6, 1.43.9...

5.3CVSS0.00371EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/07/01 3:1 p.m.10 views

CVE-2026-58027

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/Api/QueryAbuseFilters.Php. This issue affects AbuseFilter: from before 1.46.0, 1.45.4, 1.44.6, 1.43.9...

5.3CVSS5.8AI score0.00371EPSS
Exploits0References2
cve
cve
added 2026/07/01 3:1 p.m.17 views

CVE-2026-58027

CVE-2026-58027 affects Wikimedia Foundation AbuseFilter. The issue arises in the QueryAbuseFilters.Php API, allowing an unauthenticated actor to see the hit count of private filters, which is hidden in the UI. Affected are AbuseFilter versions before 1.46.0, 1.45.4, 1.44.6, and 1.43.9. The CVSS b...

6.5CVSS5.8AI score0.00371EPSS
Exploits0References1Affected Software1
attackerkb
attackerkb
added 2026/07/01 2:32 p.m.7 views

CVE-2026-13707

Session fixation vulnerability in Wikimedia Foundation OAuth. This vulnerability is associated with program files src/Backend/MWOAuthServer.Php. This issue affects OAuth: from through 1.46.0, 1.45.4, 1.44.6, 1.43.9...

5.8AI score0.00217EPSS
Exploits0References2
cve
cve
added 2026/07/01 2:32 p.m.17 views

CVE-2026-13707

CVE-2026-13707 : Session fixation vulnerability in Wikimedia Foundation OAuth. Affected: OAuth server components (MWOAuthServer.Php) in Wikimedia Foundation's OAuth deployment, with versions from 1.43.9 through 1.46.0 vulnerable to session fixation due to issues in the OAuth flow. CVSS 3.1 base s...

7.6CVSS5.8AI score0.00217EPSS
Exploits0References1Affected Software1
cve
cve
added 2026/07/01 2:29 p.m.17 views

CVE-2026-13706

The CVE-2026-13706 entry concerns Wikimedia Foundation UrlShortener with an improper input validation issue in the UrlShortenerUtils.Php component. According to the NVD entry, the flaw yields a HIGH-severity impact across confidentiality, integrity, and availability (C:H/I:H/A:H) with network att...

8.8CVSS5.8AI score0.00328EPSS
Exploits0References1Affected Software1
attackerkb
attackerkb
added 2026/07/01 2:29 p.m.7 views

CVE-2026-13706

Improper input validation vulnerability in Wikimedia Foundation UrlShortener. This vulnerability is associated with program files includes/UrlShortenerUtils.Php...

5.8AI score0.00328EPSS
Exploits0References2
euvd
euvd
added 2026/07/01 2:21 p.m.8 views

EUVD-2026-41011

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser.TempAccounts/components/blockConnectedTempAccountsField.Vue. This issue affects...

5.8AI score0.00142EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/07/01 12:0 a.m.6 views

PT-2026-54904

Name of the Vulnerable Software and Affected Versions MediaWiki affected versions not specified Description An issue exists involving improper neutralization of input during web page generation, leading to Cross-site Scripting XSS, where malicious scripts are injected into trusted websites. This...

4.8CVSS6.1AI score0.00142EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2026/07/01 12:0 a.m.8 views

PT-2026-54634

Name of the Vulnerable Software and Affected Versions Wikimedia Foundation UrlShortener affected versions not specified Description Improper input validation occurs within the includes/UrlShortenerUtils.Php file. Input validation is the process of ensuring that a program operates on clean, correc...

8.8CVSS6.1AI score0.00328EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/07/01 12:0 a.m.13 views

PT-2026-54646

Name of the Vulnerable Software and Affected Versions Mediawiki - Charts Extension versions prior to 1.43.9 Mediawiki - Charts Extension versions prior to 1.44.6 Mediawiki - Charts Extension versions prior to 1.45.4 Description Improper neutralization of input during web page generation allows fo...

6.9CVSS5.9AI score0.00175EPSS
Exploits0References8
redhatcve
redhatcve
added 2026/06/05 7:26 p.m.8 views

CVE-2026-39839

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7...

6.3CVSS5.4AI score0.00181EPSS
Exploits1References1
euvd
euvd
added 2026/05/11 6:31 p.m.16 views

EUVD-2026-29108

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Page/Article.Php. This issue affects MediaWiki: from before 1.43.7, 1.44.4, 1.45.2...

2CVSS5.8AI score0.0017EPSS
Exploits0References2
euvd
euvd
added 2026/05/11 6:31 p.m.12 views

EUVD-2026-29062

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation CheckUser. This issue affects CheckUser: from 1.45.0 before 1.45.2...

4.8CVSS5.8AI score0.0028EPSS
Exploits0References2
Rows per page
Query Builder