Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
Typedeb
Namespacedebian
Namemediawiki
Version1:1.39.17-1~deb12u1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1:1.39.17-1+deb12u2
Latest_non_vulnerable_version1:1.43.8+dfsg-2
Affected_by_vulnerabilities
0
url VCID-7831-8u7z-6fep
vulnerability_id VCID-7831-8u7z-6fep
summary Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/editpage/IntroMessageBuilder.Php, includes/Permissions/PermissionManager.Php, includes/Permissions/RestrictionStore.Php. This issue affects MediaWiki: before 1.42.6, 1.43.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-32697
reference_id
reference_type
scores
0
value 0.00258
scoring_system epss
scoring_elements 0.49172
published_at 2026-04-02T12:55:00Z
1
value 0.0031
scoring_system epss
scoring_elements 0.54193
published_at 2026-04-21T12:55:00Z
2
value 0.0031
scoring_system epss
scoring_elements 0.54159
published_at 2026-04-09T12:55:00Z
3
value 0.0031
scoring_system epss
scoring_elements 0.54209
published_at 2026-04-11T12:55:00Z
4
value 0.0031
scoring_system epss
scoring_elements 0.54191
published_at 2026-04-12T12:55:00Z
5
value 0.0031
scoring_system epss
scoring_elements 0.5417
published_at 2026-04-13T12:55:00Z
6
value 0.0031
scoring_system epss
scoring_elements 0.54208
published_at 2026-04-16T12:55:00Z
7
value 0.0031
scoring_system epss
scoring_elements 0.54212
published_at 2026-04-18T12:55:00Z
8
value 0.0031
scoring_system epss
scoring_elements 0.54135
published_at 2026-04-04T12:55:00Z
9
value 0.0031
scoring_system epss
scoring_elements 0.5411
published_at 2026-04-07T12:55:00Z
10
value 0.0031
scoring_system epss
scoring_elements 0.54161
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-32697
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32697
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32697
2
reference_url https://phabricator.wikimedia.org/T140010
reference_id T140010
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/RE:M/U:Green
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T19:05:19Z/
url https://phabricator.wikimedia.org/T140010
3
reference_url https://phabricator.wikimedia.org/T24521
reference_id T24521
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/RE:M/U:Green
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T19:05:19Z/
url https://phabricator.wikimedia.org/T24521
4
reference_url https://phabricator.wikimedia.org/T62109
reference_id T62109
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/RE:M/U:Green
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T19:05:19Z/
url https://phabricator.wikimedia.org/T62109
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
purl pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2
1
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-buwp-69zb-93hs
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-q7k6-59z5-d7a7
5
vulnerability VCID-wktm-ya6k-v7dv
6
vulnerability VCID-x8t7-agtn-zudu
7
vulnerability VCID-xdct-ca96-3uat
8
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1
aliases CVE-2025-32697
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7831-8u7z-6fep
1
url VCID-cbtm-g4t5-u3am
vulnerability_id VCID-cbtm-g4t5-u3am
summary
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34093
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34093
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
purl pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2
1
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1
2
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1
3
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2
aliases CVE-2026-34093
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cbtm-g4t5-u3am
2
url VCID-d5vz-puw9-t7er
vulnerability_id VCID-d5vz-puw9-t7er
summary
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34088
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34088
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
purl pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2
1
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1
2
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1
3
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2
aliases CVE-2026-34088
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d5vz-puw9-t7er
3
url VCID-kw32-af5a-hqg8
vulnerability_id VCID-kw32-af5a-hqg8
summary
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34095
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34095
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
purl pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2
1
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1
2
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1
3
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2
aliases CVE-2026-34095
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kw32-af5a-hqg8
4
url VCID-wktm-ya6k-v7dv
vulnerability_id VCID-wktm-ya6k-v7dv
summary
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34086
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34086
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
purl pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2
1
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-buwp-69zb-93hs
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-q7k6-59z5-d7a7
5
vulnerability VCID-wktm-ya6k-v7dv
6
vulnerability VCID-x8t7-agtn-zudu
7
vulnerability VCID-xdct-ca96-3uat
8
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1
2
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1
3
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1
4
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2
aliases CVE-2026-34086
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wktm-ya6k-v7dv
5
url VCID-x8t7-agtn-zudu
vulnerability_id VCID-x8t7-agtn-zudu
summary
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34087
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34087
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
purl pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2
1
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1
2
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1
3
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2
aliases CVE-2026-34087
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x8t7-agtn-zudu
6
url VCID-zmax-894d-5kfd
vulnerability_id VCID-zmax-894d-5kfd
summary
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34092
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34092
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
purl pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2
1
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1
2
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1
3
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2
aliases CVE-2026-34092
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zmax-894d-5kfd
Fixing_vulnerabilities
0
url VCID-2wcb-hty6-uyez
vulnerability_id VCID-2wcb-hty6-uyez
summary Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki Core - Feed Utils allows WebView Injection.This issue affects Mediawiki Core - Feed Utils: from 1.39 through 1.43.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-32072
reference_id
reference_type
scores
0
value 0.00454
scoring_system epss
scoring_elements 0.63766
published_at 2026-04-02T12:55:00Z
1
value 0.00544
scoring_system epss
scoring_elements 0.67788
published_at 2026-04-21T12:55:00Z
2
value 0.00544
scoring_system epss
scoring_elements 0.67805
published_at 2026-04-18T12:55:00Z
3
value 0.00544
scoring_system epss
scoring_elements 0.67791
published_at 2026-04-12T12:55:00Z
4
value 0.00544
scoring_system epss
scoring_elements 0.67757
published_at 2026-04-13T12:55:00Z
5
value 0.00544
scoring_system epss
scoring_elements 0.67793
published_at 2026-04-16T12:55:00Z
6
value 0.00544
scoring_system epss
scoring_elements 0.67735
published_at 2026-04-04T12:55:00Z
7
value 0.00544
scoring_system epss
scoring_elements 0.67715
published_at 2026-04-07T12:55:00Z
8
value 0.00544
scoring_system epss
scoring_elements 0.67767
published_at 2026-04-08T12:55:00Z
9
value 0.00544
scoring_system epss
scoring_elements 0.67781
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-32072
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32072
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32072
2
reference_url https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1120134
reference_id 1120134
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-11T16:39:44Z/
url https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1120134
3
reference_url https://phabricator.wikimedia.org/T386175
reference_id T386175
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-11T16:39:44Z/
url https://phabricator.wikimedia.org/T386175
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-32072
risk_score 2.0
exploitability 0.5
weighted_severity 4.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2wcb-hty6-uyez
1
url VCID-3zue-5ccg-23hs
vulnerability_id VCID-3zue-5ccg-23hs
summary Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryRevisionsBase.Php. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-67480
reference_id
reference_type
scores
0
value 0.00067
scoring_system epss
scoring_elements 0.20645
published_at 2026-04-18T12:55:00Z
1
value 0.00067
scoring_system epss
scoring_elements 0.20636
published_at 2026-04-21T12:55:00Z
2
value 0.00067
scoring_system epss
scoring_elements 0.20647
published_at 2026-04-16T12:55:00Z
3
value 0.00135
scoring_system epss
scoring_elements 0.33244
published_at 2026-04-08T12:55:00Z
4
value 0.00135
scoring_system epss
scoring_elements 0.33338
published_at 2026-04-02T12:55:00Z
5
value 0.00135
scoring_system epss
scoring_elements 0.33283
published_at 2026-04-11T12:55:00Z
6
value 0.00135
scoring_system epss
scoring_elements 0.33279
published_at 2026-04-09T12:55:00Z
7
value 0.00135
scoring_system epss
scoring_elements 0.3337
published_at 2026-04-04T12:55:00Z
8
value 0.00135
scoring_system epss
scoring_elements 0.33202
published_at 2026-04-07T12:55:00Z
9
value 0.00157
scoring_system epss
scoring_elements 0.365
published_at 2026-04-13T12:55:00Z
10
value 0.00157
scoring_system epss
scoring_elements 0.36524
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-67480
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67480
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67480
2
reference_url https://phabricator.wikimedia.org/T401053
reference_id T401053
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:01:49Z/
url https://phabricator.wikimedia.org/T401053
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-67480
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3zue-5ccg-23hs
2
url VCID-4yhr-jjt9-afaq
vulnerability_id VCID-4yhr-jjt9-afaq
summary Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiQueryAllPages.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61641
reference_id
reference_type
scores
0
value 6e-05
scoring_system epss
scoring_elements 0.00371
published_at 2026-04-08T12:55:00Z
1
value 6e-05
scoring_system epss
scoring_elements 0.00385
published_at 2026-04-04T12:55:00Z
2
value 6e-05
scoring_system epss
scoring_elements 0.00372
published_at 2026-04-09T12:55:00Z
3
value 6e-05
scoring_system epss
scoring_elements 0.00374
published_at 2026-04-07T12:55:00Z
4
value 7e-05
scoring_system epss
scoring_elements 0.0056
published_at 2026-04-21T12:55:00Z
5
value 7e-05
scoring_system epss
scoring_elements 0.00521
published_at 2026-04-16T12:55:00Z
6
value 7e-05
scoring_system epss
scoring_elements 0.00526
published_at 2026-04-18T12:55:00Z
7
value 7e-05
scoring_system epss
scoring_elements 0.00525
published_at 2026-04-11T12:55:00Z
8
value 7e-05
scoring_system epss
scoring_elements 0.00523
published_at 2026-04-12T12:55:00Z
9
value 7e-05
scoring_system epss
scoring_elements 0.00524
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61641
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61641
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61641
2
reference_url https://phabricator.wikimedia.org/T298690
reference_id T298690
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:09:22Z/
url https://phabricator.wikimedia.org/T298690
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-61641
risk_score 0.5
exploitability 0.5
weighted_severity 1.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4yhr-jjt9-afaq
3
url VCID-5myd-ngfx-5qhb
vulnerability_id VCID-5myd-ngfx-5qhb
summary mediawiki: group-.*-member messages are not properly escaped on Special:log/rights
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51704.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51704.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-51704
reference_id
reference_type
scores
0
value 0.00398
scoring_system epss
scoring_elements 0.60551
published_at 2026-04-02T12:55:00Z
1
value 0.00398
scoring_system epss
scoring_elements 0.60579
published_at 2026-04-04T12:55:00Z
2
value 0.00398
scoring_system epss
scoring_elements 0.60548
published_at 2026-04-07T12:55:00Z
3
value 0.00398
scoring_system epss
scoring_elements 0.60597
published_at 2026-04-08T12:55:00Z
4
value 0.00398
scoring_system epss
scoring_elements 0.60612
published_at 2026-04-09T12:55:00Z
5
value 0.00398
scoring_system epss
scoring_elements 0.60637
published_at 2026-04-11T12:55:00Z
6
value 0.00398
scoring_system epss
scoring_elements 0.60622
published_at 2026-04-12T12:55:00Z
7
value 0.00398
scoring_system epss
scoring_elements 0.60601
published_at 2026-04-13T12:55:00Z
8
value 0.00398
scoring_system epss
scoring_elements 0.60643
published_at 2026-04-16T12:55:00Z
9
value 0.00398
scoring_system epss
scoring_elements 0.60648
published_at 2026-04-18T12:55:00Z
10
value 0.00398
scoring_system epss
scoring_elements 0.60636
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-51704
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51704
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51704
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2255582
reference_id 2255582
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2255582
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2023-51704
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5myd-ngfx-5qhb
4
url VCID-74ej-8sna-jyek
vulnerability_id VCID-74ej-8sna-jyek
summary Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/LogPager.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-32698
reference_id
reference_type
scores
0
value 0.0048
scoring_system epss
scoring_elements 0.65037
published_at 2026-04-02T12:55:00Z
1
value 0.00576
scoring_system epss
scoring_elements 0.68798
published_at 2026-04-21T12:55:00Z
2
value 0.00576
scoring_system epss
scoring_elements 0.68809
published_at 2026-04-16T12:55:00Z
3
value 0.00576
scoring_system epss
scoring_elements 0.68819
published_at 2026-04-18T12:55:00Z
4
value 0.00576
scoring_system epss
scoring_elements 0.68739
published_at 2026-04-04T12:55:00Z
5
value 0.00576
scoring_system epss
scoring_elements 0.68717
published_at 2026-04-07T12:55:00Z
6
value 0.00576
scoring_system epss
scoring_elements 0.68768
published_at 2026-04-08T12:55:00Z
7
value 0.00576
scoring_system epss
scoring_elements 0.68788
published_at 2026-04-09T12:55:00Z
8
value 0.00576
scoring_system epss
scoring_elements 0.6881
published_at 2026-04-11T12:55:00Z
9
value 0.00576
scoring_system epss
scoring_elements 0.68796
published_at 2026-04-12T12:55:00Z
10
value 0.00576
scoring_system epss
scoring_elements 0.68767
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-32698
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32698
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32698
2
reference_url https://phabricator.wikimedia.org/T385958
reference_id T385958
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/RE:M/U:Green
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:51:46Z/
url https://phabricator.wikimedia.org/T385958
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-32698
risk_score 0.7
exploitability 0.5
weighted_severity 1.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-74ej-8sna-jyek
5
url VCID-7wh4-say2-pqap
vulnerability_id VCID-7wh4-say2-pqap
summary Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files src/ce/ve.Ce.ClipboardHandler.Js. This issue affects VisualEditor: from * before 1.39.14, 1.43.4, 1.44.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61656
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05235
published_at 2026-04-11T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.06029
published_at 2026-04-18T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.06064
published_at 2026-04-12T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.06056
published_at 2026-04-13T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.06021
published_at 2026-04-16T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.06179
published_at 2026-04-21T12:55:00Z
6
value 0.00046
scoring_system epss
scoring_elements 0.14413
published_at 2026-04-09T12:55:00Z
7
value 0.00046
scoring_system epss
scoring_elements 0.1447
published_at 2026-04-04T12:55:00Z
8
value 0.00046
scoring_system epss
scoring_elements 0.14276
published_at 2026-04-07T12:55:00Z
9
value 0.00046
scoring_system epss
scoring_elements 0.14358
published_at 2026-04-08T12:55:00Z
10
value 0.00046
scoring_system epss
scoring_elements 0.14403
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61656
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61656
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61656
2
reference_url https://phabricator.wikimedia.org/T397232
reference_id T397232
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:00:27Z/
url https://phabricator.wikimedia.org/T397232
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-61656
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7wh4-say2-pqap
6
url VCID-8uw8-ja3w-r3da
vulnerability_id VCID-8uw8-ja3w-r3da
summary MediaWiki: MediaWiki: Cross-site Scripting (XSS) vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11261.json
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11261.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-11261
reference_id
reference_type
scores
0
value 5e-05
scoring_system epss
scoring_elements 0.00267
published_at 2026-04-04T12:55:00Z
1
value 5e-05
scoring_system epss
scoring_elements 0.00261
published_at 2026-04-08T12:55:00Z
2
value 5e-05
scoring_system epss
scoring_elements 0.00263
published_at 2026-04-07T12:55:00Z
3
value 5e-05
scoring_system epss
scoring_elements 0.00259
published_at 2026-04-11T12:55:00Z
4
value 6e-05
scoring_system epss
scoring_elements 0.0037
published_at 2026-04-21T12:55:00Z
5
value 6e-05
scoring_system epss
scoring_elements 0.00347
published_at 2026-04-18T12:55:00Z
6
value 6e-05
scoring_system epss
scoring_elements 0.00348
published_at 2026-04-13T12:55:00Z
7
value 6e-05
scoring_system epss
scoring_elements 0.00343
published_at 2026-04-16T12:55:00Z
8
value 6e-05
scoring_system epss
scoring_elements 0.0035
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-11261
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11261
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11261
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2436168
reference_id 2436168
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2436168
4
reference_url https://phabricator.wikimedia.org/T402077
reference_id T402077
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:07:05Z/
url https://phabricator.wikimedia.org/T402077
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-11261
risk_score 2.0
exploitability 0.5
weighted_severity 4.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8uw8-ja3w-r3da
7
url VCID-95d1-mkm6-r3cq
vulnerability_id VCID-95d1-mkm6-r3cq
summary Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiFeedContributions.Php. This issue affects MediaWiki: from * before 1.39.13, 1.42.7 1.43.2, 1.44.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-6591
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02371
published_at 2026-04-21T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02275
published_at 2026-04-18T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02062
published_at 2026-04-02T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02068
published_at 2026-04-04T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02064
published_at 2026-04-07T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02066
published_at 2026-04-08T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.02083
published_at 2026-04-09T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02299
published_at 2026-04-11T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02286
published_at 2026-04-12T12:55:00Z
9
value 0.00013
scoring_system epss
scoring_elements 0.02283
published_at 2026-04-13T12:55:00Z
10
value 0.00013
scoring_system epss
scoring_elements 0.02268
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-6591
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6591
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6591
2
reference_url https://phabricator.wikimedia.org/T392276
reference_id T392276
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T15:32:29Z/
url https://phabricator.wikimedia.org/T392276
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-6591
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-95d1-mkm6-r3cq
8
url VCID-a8nh-mvhd-bka7
vulnerability_id VCID-a8nh-mvhd-bka7
summary MediaWiki: MediaWiki: Vulnerability in authentication management
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6597.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6597.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-6597
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05644
published_at 2026-04-02T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05684
published_at 2026-04-04T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05676
published_at 2026-04-07T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05716
published_at 2026-04-08T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05743
published_at 2026-04-09T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05932
published_at 2026-04-18T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.06083
published_at 2026-04-21T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05974
published_at 2026-04-11T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.05965
published_at 2026-04-12T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.05955
published_at 2026-04-13T12:55:00Z
10
value 0.00022
scoring_system epss
scoring_elements 0.05921
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-6597
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6597
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6597
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2436116
reference_id 2436116
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2436116
4
reference_url https://phabricator.wikimedia.org/T389009
reference_id T389009
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:12:25Z/
url https://phabricator.wikimedia.org/T389009
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-6597
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a8nh-mvhd-bka7
9
url VCID-b5ke-cjtq-q3ev
vulnerability_id VCID-b5ke-cjtq-q3ev
summary Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MultimediaViewer.This issue affects MultimediaViewer: from * before 1.39.13, 1.42.7, 1.43.2, 1.44.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-6595
reference_id
reference_type
scores
0
value 6e-05
scoring_system epss
scoring_elements 0.0045
published_at 2026-04-21T12:55:00Z
1
value 6e-05
scoring_system epss
scoring_elements 0.00422
published_at 2026-04-18T12:55:00Z
2
value 6e-05
scoring_system epss
scoring_elements 0.00418
published_at 2026-04-16T12:55:00Z
3
value 6e-05
scoring_system epss
scoring_elements 0.00317
published_at 2026-04-02T12:55:00Z
4
value 6e-05
scoring_system epss
scoring_elements 0.00316
published_at 2026-04-04T12:55:00Z
5
value 6e-05
scoring_system epss
scoring_elements 0.00307
published_at 2026-04-07T12:55:00Z
6
value 6e-05
scoring_system epss
scoring_elements 0.00305
published_at 2026-04-09T12:55:00Z
7
value 6e-05
scoring_system epss
scoring_elements 0.00428
published_at 2026-04-11T12:55:00Z
8
value 6e-05
scoring_system epss
scoring_elements 0.00423
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-6595
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6595
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6595
2
reference_url https://phabricator.wikimedia.org/T394863
reference_id T394863
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T19:53:03Z/
url https://phabricator.wikimedia.org/T394863
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-6595
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b5ke-cjtq-q3ev
10
url VCID-cbtm-g4t5-u3am
vulnerability_id VCID-cbtm-g4t5-u3am
summary
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34093
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34093
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
1
url pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
purl pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2
2
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1
3
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1
4
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2
aliases CVE-2026-34093
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cbtm-g4t5-u3am
11
url VCID-d5vz-puw9-t7er
vulnerability_id VCID-d5vz-puw9-t7er
summary
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34088
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34088
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
1
url pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
purl pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2
2
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1
3
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1
4
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2
aliases CVE-2026-34088
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d5vz-puw9-t7er
12
url VCID-den1-257q-euc9
vulnerability_id VCID-den1-257q-euc9
summary Vulnerability in Wikimedia Foundation TextExtracts. This vulnerability is associated with program files includes/ApiQueryExtracts.Php. This issue affects TextExtracts: from * before 1.39.14, 1.43.4, 1.44.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61653
reference_id
reference_type
scores
0
value 0.00087
scoring_system epss
scoring_elements 0.25053
published_at 2026-04-02T12:55:00Z
1
value 0.00087
scoring_system epss
scoring_elements 0.25092
published_at 2026-04-04T12:55:00Z
2
value 0.00087
scoring_system epss
scoring_elements 0.24867
published_at 2026-04-07T12:55:00Z
3
value 0.00087
scoring_system epss
scoring_elements 0.24936
published_at 2026-04-08T12:55:00Z
4
value 0.00087
scoring_system epss
scoring_elements 0.24981
published_at 2026-04-09T12:55:00Z
5
value 0.00087
scoring_system epss
scoring_elements 0.24995
published_at 2026-04-11T12:55:00Z
6
value 0.00091
scoring_system epss
scoring_elements 0.25581
published_at 2026-04-16T12:55:00Z
7
value 0.00091
scoring_system epss
scoring_elements 0.25538
published_at 2026-04-21T12:55:00Z
8
value 0.00091
scoring_system epss
scoring_elements 0.25566
published_at 2026-04-18T12:55:00Z
9
value 0.00091
scoring_system epss
scoring_elements 0.25636
published_at 2026-04-12T12:55:00Z
10
value 0.00091
scoring_system epss
scoring_elements 0.25579
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61653
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61653
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61653
2
reference_url https://phabricator.wikimedia.org/T397577
reference_id T397577
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T20:59:18Z/
url https://phabricator.wikimedia.org/T397577
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-61653
risk_score 0.8
exploitability 0.5
weighted_severity 1.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-den1-257q-euc9
13
url VCID-e8np-4nbw-t3b3
vulnerability_id VCID-e8np-4nbw-t3b3
summary Vulnerability in Wikimedia Foundation OATHAuth. This vulnerability is associated with program files src/Special/OATHManage.Php. This issue affects OATHAuth: from * before 1.39.14, 1.43.4, 1.44.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-11173
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.03646
published_at 2026-04-02T12:55:00Z
1
value 0.00016
scoring_system epss
scoring_elements 0.03661
published_at 2026-04-04T12:55:00Z
2
value 0.00016
scoring_system epss
scoring_elements 0.03672
published_at 2026-04-07T12:55:00Z
3
value 0.00016
scoring_system epss
scoring_elements 0.03675
published_at 2026-04-08T12:55:00Z
4
value 0.00016
scoring_system epss
scoring_elements 0.03696
published_at 2026-04-09T12:55:00Z
5
value 0.00016
scoring_system epss
scoring_elements 0.03658
published_at 2026-04-11T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.03956
published_at 2026-04-13T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.03936
published_at 2026-04-16T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.03948
published_at 2026-04-18T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.0407
published_at 2026-04-21T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.03986
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-11173
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11173
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11173
2
reference_url https://phabricator.wikimedia.org/T401862
reference_id T401862
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:07:50Z/
url https://phabricator.wikimedia.org/T401862
3
reference_url https://phabricator.wikimedia.org/T402094
reference_id T402094
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:07:50Z/
url https://phabricator.wikimedia.org/T402094
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-11173
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e8np-4nbw-t3b3
14
url VCID-fptt-2t1j-8fec
vulnerability_id VCID-fptt-2t1j-8fec
summary Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/ManualLogEntry.Php, includes/recentchanges/RecentChangeFactory.Php, includes/recentchanges/RecentChangeStore.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61639
reference_id
reference_type
scores
0
value 7e-05
scoring_system epss
scoring_elements 0.00496
published_at 2026-04-02T12:55:00Z
1
value 7e-05
scoring_system epss
scoring_elements 0.00491
published_at 2026-04-04T12:55:00Z
2
value 7e-05
scoring_system epss
scoring_elements 0.00489
published_at 2026-04-07T12:55:00Z
3
value 7e-05
scoring_system epss
scoring_elements 0.00487
published_at 2026-04-08T12:55:00Z
4
value 7e-05
scoring_system epss
scoring_elements 0.00485
published_at 2026-04-09T12:55:00Z
5
value 8e-05
scoring_system epss
scoring_elements 0.00678
published_at 2026-04-13T12:55:00Z
6
value 8e-05
scoring_system epss
scoring_elements 0.00716
published_at 2026-04-21T12:55:00Z
7
value 8e-05
scoring_system epss
scoring_elements 0.00685
published_at 2026-04-11T12:55:00Z
8
value 8e-05
scoring_system epss
scoring_elements 0.00677
published_at 2026-04-18T12:55:00Z
9
value 8e-05
scoring_system epss
scoring_elements 0.00671
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61639
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61639
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61639
2
reference_url https://phabricator.wikimedia.org/T280413
reference_id T280413
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:10:07Z/
url https://phabricator.wikimedia.org/T280413
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-61639
risk_score 0.5
exploitability 0.5
weighted_severity 1.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fptt-2t1j-8fec
15
url VCID-h3d2-nr9e-nqbk
vulnerability_id VCID-h3d2-nr9e-nqbk
summary Improper Authentication vulnerability in Wikimedia Foundation Mediawiki - CentralAuth Extension allows : Bypass Authentication.This issue affects Mediawiki - CentralAuth Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-6926
reference_id
reference_type
scores
0
value 0.00083
scoring_system epss
scoring_elements 0.24479
published_at 2026-04-02T12:55:00Z
1
value 0.00083
scoring_system epss
scoring_elements 0.24424
published_at 2026-04-11T12:55:00Z
2
value 0.00083
scoring_system epss
scoring_elements 0.24382
published_at 2026-04-12T12:55:00Z
3
value 0.00083
scoring_system epss
scoring_elements 0.24326
published_at 2026-04-13T12:55:00Z
4
value 0.00083
scoring_system epss
scoring_elements 0.24343
published_at 2026-04-16T12:55:00Z
5
value 0.00083
scoring_system epss
scoring_elements 0.24332
published_at 2026-04-18T12:55:00Z
6
value 0.00083
scoring_system epss
scoring_elements 0.24513
published_at 2026-04-04T12:55:00Z
7
value 0.00083
scoring_system epss
scoring_elements 0.24296
published_at 2026-04-07T12:55:00Z
8
value 0.00083
scoring_system epss
scoring_elements 0.24363
published_at 2026-04-08T12:55:00Z
9
value 0.00083
scoring_system epss
scoring_elements 0.24407
published_at 2026-04-09T12:55:00Z
10
value 0.0009
scoring_system epss
scoring_elements 0.25501
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-6926
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6926
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6926
2
reference_url https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165117
reference_id 1165117
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-03T17:40:14Z/
url https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165117
3
reference_url https://phabricator.wikimedia.org/T389010
reference_id T389010
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-03T17:40:14Z/
url https://phabricator.wikimedia.org/T389010
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-6926
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h3d2-nr9e-nqbk
16
url VCID-h789-pcxv-kbgd
vulnerability_id VCID-h789-pcxv-kbgd
summary Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLUserTextField.Php. This issue affects MediaWiki: from * through 1.39.12, 1.42.76 1.43.1, 1.44.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-6590
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01796
published_at 2026-04-21T12:55:00Z
1
value 0.00012
scoring_system epss
scoring_elements 0.01706
published_at 2026-04-18T12:55:00Z
2
value 0.00012
scoring_system epss
scoring_elements 0.01527
published_at 2026-04-02T12:55:00Z
3
value 0.00012
scoring_system epss
scoring_elements 0.01531
published_at 2026-04-04T12:55:00Z
4
value 0.00012
scoring_system epss
scoring_elements 0.01534
published_at 2026-04-07T12:55:00Z
5
value 0.00012
scoring_system epss
scoring_elements 0.01538
published_at 2026-04-08T12:55:00Z
6
value 0.00012
scoring_system epss
scoring_elements 0.01541
published_at 2026-04-09T12:55:00Z
7
value 0.00012
scoring_system epss
scoring_elements 0.01727
published_at 2026-04-11T12:55:00Z
8
value 0.00012
scoring_system epss
scoring_elements 0.01717
published_at 2026-04-12T12:55:00Z
9
value 0.00012
scoring_system epss
scoring_elements 0.01716
published_at 2026-04-13T12:55:00Z
10
value 0.00012
scoring_system epss
scoring_elements 0.01705
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-6590
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6590
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6590
2
reference_url https://phabricator.wikimedia.org/T392746
reference_id T392746
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:11:34Z/
url https://phabricator.wikimedia.org/T392746
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-6590
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h789-pcxv-kbgd
17
url VCID-k7qb-7hbj-1qc2
vulnerability_id VCID-k7qb-7hbj-1qc2
summary MediaWiki: MediaWiki: Cross-site Scripting vulnerability via improper input neutralization
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6594.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6594.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-6594
reference_id
reference_type
scores
0
value 6e-05
scoring_system epss
scoring_elements 0.00317
published_at 2026-04-02T12:55:00Z
1
value 6e-05
scoring_system epss
scoring_elements 0.0045
published_at 2026-04-21T12:55:00Z
2
value 6e-05
scoring_system epss
scoring_elements 0.00423
published_at 2026-04-12T12:55:00Z
3
value 6e-05
scoring_system epss
scoring_elements 0.00422
published_at 2026-04-18T12:55:00Z
4
value 6e-05
scoring_system epss
scoring_elements 0.00418
published_at 2026-04-16T12:55:00Z
5
value 6e-05
scoring_system epss
scoring_elements 0.00316
published_at 2026-04-04T12:55:00Z
6
value 6e-05
scoring_system epss
scoring_elements 0.00307
published_at 2026-04-07T12:55:00Z
7
value 6e-05
scoring_system epss
scoring_elements 0.00305
published_at 2026-04-09T12:55:00Z
8
value 6e-05
scoring_system epss
scoring_elements 0.00428
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-6594
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6594
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6594
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2436122
reference_id 2436122
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2436122
4
reference_url https://phabricator.wikimedia.org/T395063
reference_id T395063
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T19:57:15Z/
url https://phabricator.wikimedia.org/T395063
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-6594
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k7qb-7hbj-1qc2
18
url VCID-kw32-af5a-hqg8
vulnerability_id VCID-kw32-af5a-hqg8
summary
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34095
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34095
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
1
url pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
purl pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2
2
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1
3
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1
4
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2
aliases CVE-2026-34095
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kw32-af5a-hqg8
19
url VCID-m1xy-yucr-dqfs
vulnerability_id VCID-m1xy-yucr-dqfs
summary Vulnerability in Wikimedia Foundation ConfirmEdit. This vulnerability is associated with program files includes/FancyCaptcha/ApiFancyCaptchaReload.Php. This issue affects ConfirmEdit: *.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61635
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.03646
published_at 2026-04-02T12:55:00Z
1
value 0.00016
scoring_system epss
scoring_elements 0.03661
published_at 2026-04-04T12:55:00Z
2
value 0.00016
scoring_system epss
scoring_elements 0.03672
published_at 2026-04-07T12:55:00Z
3
value 0.00016
scoring_system epss
scoring_elements 0.03675
published_at 2026-04-08T12:55:00Z
4
value 0.00016
scoring_system epss
scoring_elements 0.03696
published_at 2026-04-09T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.03948
published_at 2026-04-18T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.0407
published_at 2026-04-21T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.04001
published_at 2026-04-11T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.03986
published_at 2026-04-12T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.03956
published_at 2026-04-13T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.03936
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61635
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61635
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61635
2
reference_url https://phabricator.wikimedia.org/T355073
reference_id T355073
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y/RE:M/U:Amber
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:13:27Z/
url https://phabricator.wikimedia.org/T355073
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-61635
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m1xy-yucr-dqfs
20
url VCID-m7uw-sa5j-u3bw
vulnerability_id VCID-m7uw-sa5j-u3bw
summary Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.JqueryMsg/mediawiki.JqueryMsg.Js. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-67481
reference_id
reference_type
scores
0
value 0.00011
scoring_system epss
scoring_elements 0.01314
published_at 2026-04-11T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.01999
published_at 2026-04-21T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.01915
published_at 2026-04-18T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.01941
published_at 2026-04-12T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.01935
published_at 2026-04-13T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05791
published_at 2026-04-09T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.0573
published_at 2026-04-04T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05726
published_at 2026-04-07T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05765
published_at 2026-04-08T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05689
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-67481
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67481
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67481
2
reference_url https://phabricator.wikimedia.org/T251032
reference_id T251032
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:26:13Z/
url https://phabricator.wikimedia.org/T251032
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-67481
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m7uw-sa5j-u3bw
21
url VCID-mbs4-gs37-1fh5
vulnerability_id VCID-mbs4-gs37-1fh5
summary Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/RecentChanges/EnhancedChangesList.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61646
reference_id
reference_type
scores
0
value 6e-05
scoring_system epss
scoring_elements 0.00396
published_at 2026-04-04T12:55:00Z
1
value 6e-05
scoring_system epss
scoring_elements 0.00385
published_at 2026-04-07T12:55:00Z
2
value 6e-05
scoring_system epss
scoring_elements 0.00382
published_at 2026-04-11T12:55:00Z
3
value 6e-05
scoring_system epss
scoring_elements 0.00383
published_at 2026-04-09T12:55:00Z
4
value 7e-05
scoring_system epss
scoring_elements 0.00548
published_at 2026-04-13T12:55:00Z
5
value 7e-05
scoring_system epss
scoring_elements 0.00587
published_at 2026-04-21T12:55:00Z
6
value 7e-05
scoring_system epss
scoring_elements 0.00547
published_at 2026-04-12T12:55:00Z
7
value 7e-05
scoring_system epss
scoring_elements 0.0055
published_at 2026-04-18T12:55:00Z
8
value 7e-05
scoring_system epss
scoring_elements 0.00545
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61646
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61646
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61646
2
reference_url https://phabricator.wikimedia.org/T398706
reference_id T398706
reference_type
scores
0
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:04:40Z/
url https://phabricator.wikimedia.org/T398706
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-61646
risk_score 0.3
exploitability 0.5
weighted_severity 0.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mbs4-gs37-1fh5
22
url VCID-pm3s-z5ap-qqay
vulnerability_id VCID-pm3s-z5ap-qqay
summary MediaWiki: MediaWiki: Arbitrary code execution via Cross-site Scripting (XSS)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61640.json
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61640.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61640
reference_id
reference_type
scores
0
value 5e-05
scoring_system epss
scoring_elements 0.00267
published_at 2026-04-04T12:55:00Z
1
value 5e-05
scoring_system epss
scoring_elements 0.00259
published_at 2026-04-09T12:55:00Z
2
value 5e-05
scoring_system epss
scoring_elements 0.00263
published_at 2026-04-07T12:55:00Z
3
value 5e-05
scoring_system epss
scoring_elements 0.00261
published_at 2026-04-08T12:55:00Z
4
value 6e-05
scoring_system epss
scoring_elements 0.00347
published_at 2026-04-18T12:55:00Z
5
value 6e-05
scoring_system epss
scoring_elements 0.00343
published_at 2026-04-16T12:55:00Z
6
value 6e-05
scoring_system epss
scoring_elements 0.0037
published_at 2026-04-21T12:55:00Z
7
value 6e-05
scoring_system epss
scoring_elements 0.00353
published_at 2026-04-11T12:55:00Z
8
value 6e-05
scoring_system epss
scoring_elements 0.0035
published_at 2026-04-12T12:55:00Z
9
value 6e-05
scoring_system epss
scoring_elements 0.00348
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61640
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61640
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61640
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2436106
reference_id 2436106
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2436106
4
reference_url https://phabricator.wikimedia.org/T402075
reference_id T402075
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:09:45Z/
url https://phabricator.wikimedia.org/T402075
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-61640
risk_score 2.0
exploitability 0.5
weighted_severity 4.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pm3s-z5ap-qqay
23
url VCID-pwjk-pzpj-aff6
vulnerability_id VCID-pwjk-pzpj-aff6
summary Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid.This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1; Parsoid: before 0.16.5, 0.19.2, 0.20.2.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-32699
reference_id
reference_type
scores
0
value 0.00328
scoring_system epss
scoring_elements 0.55778
published_at 2026-04-02T12:55:00Z
1
value 0.00394
scoring_system epss
scoring_elements 0.6033
published_at 2026-04-21T12:55:00Z
2
value 0.00394
scoring_system epss
scoring_elements 0.60333
published_at 2026-04-16T12:55:00Z
3
value 0.00394
scoring_system epss
scoring_elements 0.60341
published_at 2026-04-18T12:55:00Z
4
value 0.00394
scoring_system epss
scoring_elements 0.60272
published_at 2026-04-04T12:55:00Z
5
value 0.00394
scoring_system epss
scoring_elements 0.60241
published_at 2026-04-07T12:55:00Z
6
value 0.00394
scoring_system epss
scoring_elements 0.6029
published_at 2026-04-08T12:55:00Z
7
value 0.00394
scoring_system epss
scoring_elements 0.60305
published_at 2026-04-09T12:55:00Z
8
value 0.00394
scoring_system epss
scoring_elements 0.60326
published_at 2026-04-11T12:55:00Z
9
value 0.00394
scoring_system epss
scoring_elements 0.60312
published_at 2026-04-12T12:55:00Z
10
value 0.00394
scoring_system epss
scoring_elements 0.60293
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-32699
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32699
2
reference_url https://phabricator.wikimedia.org/T387130
reference_id T387130
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/RE:M/U:Amber
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:51:20Z/
url https://phabricator.wikimedia.org/T387130
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-32699
risk_score 0.7
exploitability 0.5
weighted_severity 1.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pwjk-pzpj-aff6
24
url VCID-qpgu-mg6m-vyef
vulnerability_id VCID-qpgu-mg6m-vyef
summary Vulnerability in Wikimedia Foundation Scribunto, Wikimedia Foundation luasandbox. This vulnerability is associated with program files includes/Engines/LuaCommon/lualib/mwInit.Lua, library.C. This issue affects Scribunto: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1; luasandbox: from * before fea2304f8f6ab30314369a612f4f5b165e68e95a.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-67482
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05245
published_at 2026-04-02T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05277
published_at 2026-04-04T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05303
published_at 2026-04-07T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05337
published_at 2026-04-08T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05359
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05326
published_at 2026-04-11T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05497
published_at 2026-04-16T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.0567
published_at 2026-04-21T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05507
published_at 2026-04-18T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05554
published_at 2026-04-12T12:55:00Z
10
value 0.00021
scoring_system epss
scoring_elements 0.05547
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-67482
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67482
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67482
2
reference_url https://phabricator.wikimedia.org/T408135
reference_id T408135
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:26:14Z/
url https://phabricator.wikimedia.org/T408135
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-67482
risk_score 0.5
exploitability 0.5
weighted_severity 1.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qpgu-mg6m-vyef
25
url VCID-sr9a-a6vt-1qgt
vulnerability_id VCID-sr9a-a6vt-1qgt
summary Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid. This vulnerability is associated with program files includes/parser/Sanitizer.Php, src/Core/Sanitizer.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1; Parsoid: from * before 0.16.6, 0.20.4, 0.21.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61638
reference_id
reference_type
scores
0
value 6e-05
scoring_system epss
scoring_elements 0.00312
published_at 2026-04-07T12:55:00Z
1
value 6e-05
scoring_system epss
scoring_elements 0.00323
published_at 2026-04-02T12:55:00Z
2
value 6e-05
scoring_system epss
scoring_elements 0.00311
published_at 2026-04-09T12:55:00Z
3
value 6e-05
scoring_system epss
scoring_elements 0.00321
published_at 2026-04-04T12:55:00Z
4
value 7e-05
scoring_system epss
scoring_elements 0.00463
published_at 2026-04-21T12:55:00Z
5
value 7e-05
scoring_system epss
scoring_elements 0.00428
published_at 2026-04-16T12:55:00Z
6
value 7e-05
scoring_system epss
scoring_elements 0.00433
published_at 2026-04-18T12:55:00Z
7
value 7e-05
scoring_system epss
scoring_elements 0.00437
published_at 2026-04-11T12:55:00Z
8
value 7e-05
scoring_system epss
scoring_elements 0.00432
published_at 2026-04-12T12:55:00Z
9
value 7e-05
scoring_system epss
scoring_elements 0.00431
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61638
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61638
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61638
2
reference_url https://phabricator.wikimedia.org/T401099
reference_id T401099
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:10:22Z/
url https://phabricator.wikimedia.org/T401099
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-61638
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sr9a-a6vt-1qgt
26
url VCID-tutk-y8jg-n7dh
vulnerability_id VCID-tutk-y8jg-n7dh
summary Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from * before 1.39.14, 1.43.4, 1.44.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-67478
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05376
published_at 2026-04-18T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.0554
published_at 2026-04-21T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05372
published_at 2026-04-16T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05583
published_at 2026-04-08T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.0551
published_at 2026-04-02T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05579
published_at 2026-04-11T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05607
published_at 2026-04-09T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05546
published_at 2026-04-04T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05545
published_at 2026-04-07T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.05811
published_at 2026-04-13T12:55:00Z
10
value 0.00022
scoring_system epss
scoring_elements 0.05818
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-67478
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67478
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67478
2
reference_url https://phabricator.wikimedia.org/T385403
reference_id T385403
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:29:08Z/
url https://phabricator.wikimedia.org/T385403
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-67478
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tutk-y8jg-n7dh
27
url VCID-v3dp-7stt-tygf
vulnerability_id VCID-v3dp-7stt-tygf
summary MediaWiki: MediaWiki: Cross-site Scripting vulnerability due to improper input neutralization
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67475.json
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67475.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-67475
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01642
published_at 2026-04-11T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02532
published_at 2026-04-21T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02443
published_at 2026-04-13T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02425
published_at 2026-04-16T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.02432
published_at 2026-04-18T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06192
published_at 2026-04-02T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06288
published_at 2026-04-09T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06223
published_at 2026-04-04T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06203
published_at 2026-04-07T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06247
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-67475
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67475
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67475
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2436176
reference_id 2436176
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2436176
4
reference_url https://phabricator.wikimedia.org/T406664
reference_id T406664
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:29:07Z/
url https://phabricator.wikimedia.org/T406664
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-67475
risk_score 2.0
exploitability 0.5
weighted_severity 4.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v3dp-7stt-tygf
28
url VCID-vjd5-jv5h-yfhw
vulnerability_id VCID-vjd5-jv5h-yfhw
summary Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files includes/ApiVisualEditorEdit.Php, modules/ve-mw/init/targets/ve.Init.Mw.DesktopArticleTarget.Js, modules/ve-mw/ui/dialogs/ve.Ui.MWSaveDialog.Js. This issue affects VisualEditor: from * before 1.39.14, 1.43.4, 1.44.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61655
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04535
published_at 2026-04-11T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05502
published_at 2026-04-18T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05549
published_at 2026-04-12T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05542
published_at 2026-04-13T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05492
published_at 2026-04-16T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05664
published_at 2026-04-21T12:55:00Z
6
value 0.00043
scoring_system epss
scoring_elements 0.13053
published_at 2026-04-09T12:55:00Z
7
value 0.00043
scoring_system epss
scoring_elements 0.13121
published_at 2026-04-04T12:55:00Z
8
value 0.00043
scoring_system epss
scoring_elements 0.12923
published_at 2026-04-07T12:55:00Z
9
value 0.00043
scoring_system epss
scoring_elements 0.13002
published_at 2026-04-08T12:55:00Z
10
value 0.00043
scoring_system epss
scoring_elements 0.13067
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61655
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61655
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61655
2
reference_url https://phabricator.wikimedia.org/T395858
reference_id T395858
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:00:47Z/
url https://phabricator.wikimedia.org/T395858
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-61655
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vjd5-jv5h-yfhw
29
url VCID-w51y-hprj-buap
vulnerability_id VCID-w51y-hprj-buap
summary Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/actions/RevertAction.Php, includes/api/ApiFileRevert.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-32696
reference_id
reference_type
scores
0
value 0.00273
scoring_system epss
scoring_elements 0.50697
published_at 2026-04-02T12:55:00Z
1
value 0.00328
scoring_system epss
scoring_elements 0.55749
published_at 2026-04-21T12:55:00Z
2
value 0.00328
scoring_system epss
scoring_elements 0.5573
published_at 2026-04-13T12:55:00Z
3
value 0.00328
scoring_system epss
scoring_elements 0.55771
published_at 2026-04-18T12:55:00Z
4
value 0.00328
scoring_system epss
scoring_elements 0.55726
published_at 2026-04-04T12:55:00Z
5
value 0.00328
scoring_system epss
scoring_elements 0.55704
published_at 2026-04-07T12:55:00Z
6
value 0.00328
scoring_system epss
scoring_elements 0.55755
published_at 2026-04-08T12:55:00Z
7
value 0.00328
scoring_system epss
scoring_elements 0.55759
published_at 2026-04-09T12:55:00Z
8
value 0.00328
scoring_system epss
scoring_elements 0.55767
published_at 2026-04-16T12:55:00Z
9
value 0.00328
scoring_system epss
scoring_elements 0.55748
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-32696
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32696
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32696
2
reference_url https://phabricator.wikimedia.org/T304474
reference_id T304474
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/RE:M/U:Green
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T19:06:02Z/
url https://phabricator.wikimedia.org/T304474
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-32696
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w51y-hprj-buap
30
url VCID-wraf-59ce-u3br
vulnerability_id VCID-wraf-59ce-u3br
summary MediaWiki: MediaWiki: Vulnerability in parsing and sanitization
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67479.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67479.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-67479
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05245
published_at 2026-04-02T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05277
published_at 2026-04-04T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05303
published_at 2026-04-07T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05337
published_at 2026-04-08T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05359
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05326
published_at 2026-04-11T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05497
published_at 2026-04-16T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.0567
published_at 2026-04-21T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05507
published_at 2026-04-18T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05554
published_at 2026-04-12T12:55:00Z
10
value 0.00021
scoring_system epss
scoring_elements 0.05547
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-67479
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67479
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67479
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2436184
reference_id 2436184
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2436184
4
reference_url https://phabricator.wikimedia.org/T407131
reference_id T407131
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:26:19Z/
url https://phabricator.wikimedia.org/T407131
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-67479
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wraf-59ce-u3br
31
url VCID-x8t7-agtn-zudu
vulnerability_id VCID-x8t7-agtn-zudu
summary
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34087
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34087
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
1
url pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
purl pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2
2
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1
3
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1
4
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2
aliases CVE-2026-34087
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x8t7-agtn-zudu
32
url VCID-xtd9-wbd9-67ew
vulnerability_id VCID-xtd9-wbd9-67ew
summary Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/user/User.Php. This issue affects MediaWiki: from 1.27.0 before 1.39.13, 1.42.7 1.43.2, 1.44.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-6593
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.03646
published_at 2026-04-02T12:55:00Z
1
value 0.00016
scoring_system epss
scoring_elements 0.03661
published_at 2026-04-04T12:55:00Z
2
value 0.00016
scoring_system epss
scoring_elements 0.03672
published_at 2026-04-07T12:55:00Z
3
value 0.00016
scoring_system epss
scoring_elements 0.03675
published_at 2026-04-08T12:55:00Z
4
value 0.00016
scoring_system epss
scoring_elements 0.03696
published_at 2026-04-09T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.03948
published_at 2026-04-18T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.0407
published_at 2026-04-21T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.04001
published_at 2026-04-11T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.03986
published_at 2026-04-12T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.03956
published_at 2026-04-13T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.03936
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-6593
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6593
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6593
2
reference_url https://phabricator.wikimedia.org/T396230
reference_id T396230
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T14:42:43Z/
url https://phabricator.wikimedia.org/T396230
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-6593
risk_score 0.7
exploitability 0.5
weighted_severity 1.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xtd9-wbd9-67ew
33
url VCID-z3qw-4ejj-uffj
vulnerability_id VCID-z3qw-4ejj-uffj
summary Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLMultiSelectField.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-3469
reference_id
reference_type
scores
0
value 0.00436
scoring_system epss
scoring_elements 0.62921
published_at 2026-04-02T12:55:00Z
1
value 0.00523
scoring_system epss
scoring_elements 0.6693
published_at 2026-04-21T12:55:00Z
2
value 0.00523
scoring_system epss
scoring_elements 0.66932
published_at 2026-04-16T12:55:00Z
3
value 0.00523
scoring_system epss
scoring_elements 0.66947
published_at 2026-04-18T12:55:00Z
4
value 0.00523
scoring_system epss
scoring_elements 0.6689
published_at 2026-04-04T12:55:00Z
5
value 0.00523
scoring_system epss
scoring_elements 0.66863
published_at 2026-04-07T12:55:00Z
6
value 0.00523
scoring_system epss
scoring_elements 0.66911
published_at 2026-04-08T12:55:00Z
7
value 0.00523
scoring_system epss
scoring_elements 0.66925
published_at 2026-04-09T12:55:00Z
8
value 0.00523
scoring_system epss
scoring_elements 0.66945
published_at 2026-04-11T12:55:00Z
9
value 0.00523
scoring_system epss
scoring_elements 0.66931
published_at 2026-04-12T12:55:00Z
10
value 0.00523
scoring_system epss
scoring_elements 0.66899
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-3469
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3469
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3469
2
reference_url https://phabricator.wikimedia.org/T358689
reference_id T358689
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/RE:M/U:Green
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T19:06:28Z/
url https://phabricator.wikimedia.org/T358689
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-3469
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z3qw-4ejj-uffj
34
url VCID-z8qp-v64u-tuh8
vulnerability_id VCID-z8qp-v64u-tuh8
summary MediaWiki: MediaWiki: Vulnerability in ApiFormatXml.Php requiring high privileges
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67484.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67484.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-67484
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.09518
published_at 2026-04-21T12:55:00Z
1
value 0.00033
scoring_system epss
scoring_elements 0.09366
published_at 2026-04-16T12:55:00Z
2
value 0.00033
scoring_system epss
scoring_elements 0.09368
published_at 2026-04-18T12:55:00Z
3
value 0.00034
scoring_system epss
scoring_elements 0.09879
published_at 2026-04-07T12:55:00Z
4
value 0.00034
scoring_system epss
scoring_elements 0.09933
published_at 2026-04-02T12:55:00Z
5
value 0.00034
scoring_system epss
scoring_elements 0.09954
published_at 2026-04-08T12:55:00Z
6
value 0.00034
scoring_system epss
scoring_elements 0.10004
published_at 2026-04-09T12:55:00Z
7
value 0.00034
scoring_system epss
scoring_elements 0.10019
published_at 2026-04-11T12:55:00Z
8
value 0.00034
scoring_system epss
scoring_elements 0.09981
published_at 2026-04-04T12:55:00Z
9
value 0.0004
scoring_system epss
scoring_elements 0.12073
published_at 2026-04-12T12:55:00Z
10
value 0.0004
scoring_system epss
scoring_elements 0.12043
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-67484
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67484
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67484
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2436190
reference_id 2436190
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2436190
4
reference_url https://phabricator.wikimedia.org/T401995
reference_id T401995
reference_type
scores
0
value 0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:02:03Z/
url https://phabricator.wikimedia.org/T401995
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-67484
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z8qp-v64u-tuh8
35
url VCID-zmax-894d-5kfd
vulnerability_id VCID-zmax-894d-5kfd
summary
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34092
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34092
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
1
url pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
purl pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2
2
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1
3
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1
4
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2
aliases CVE-2026-34092
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zmax-894d-5kfd
36
url VCID-ztxx-cc2c-87at
vulnerability_id VCID-ztxx-cc2c-87at
summary Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/recentchanges/RecentChangeRCFeedNotifier.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61643
reference_id
reference_type
scores
0
value 7e-05
scoring_system epss
scoring_elements 0.00619
published_at 2026-04-02T12:55:00Z
1
value 7e-05
scoring_system epss
scoring_elements 0.00611
published_at 2026-04-04T12:55:00Z
2
value 7e-05
scoring_system epss
scoring_elements 0.00614
published_at 2026-04-07T12:55:00Z
3
value 7e-05
scoring_system epss
scoring_elements 0.00612
published_at 2026-04-08T12:55:00Z
4
value 7e-05
scoring_system epss
scoring_elements 0.00606
published_at 2026-04-09T12:55:00Z
5
value 8e-05
scoring_system epss
scoring_elements 0.0077
published_at 2026-04-12T12:55:00Z
6
value 8e-05
scoring_system epss
scoring_elements 0.0082
published_at 2026-04-21T12:55:00Z
7
value 8e-05
scoring_system epss
scoring_elements 0.00777
published_at 2026-04-11T12:55:00Z
8
value 8e-05
scoring_system epss
scoring_elements 0.00776
published_at 2026-04-18T12:55:00Z
9
value 8e-05
scoring_system epss
scoring_elements 0.00772
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61643
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61643
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61643
2
reference_url https://phabricator.wikimedia.org/T403757
reference_id T403757
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/RE:M/U:Green
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:15:36Z/
url https://phabricator.wikimedia.org/T403757
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1
aliases CVE-2025-61643
risk_score 0.8
exploitability 0.5
weighted_severity 1.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ztxx-cc2c-87at
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1