Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1068115?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1068115?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1", "type": "deb", "namespace": "debian", "name": "mediawiki", "version": "1:1.43.8+dfsg-1~deb13u1", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1:1.43.8+dfsg-2", "latest_non_vulnerable_version": "1:1.43.8+dfsg-2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/349884?format=api", "vulnerability_id": "VCID-buwp-69zb-93hs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5266", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1272", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5266" }, { "reference_url": "https://phabricator.wikimedia.org/T420154", "reference_id": "T420154", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T17:59:36Z/" } ], "url": "https://phabricator.wikimedia.org/T420154" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1068115?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026193?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059947?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2" } ], "aliases": [ "CVE-2026-5266" ], "risk_score": 0.7, "exploitability": "0.5", "weighted_severity": "1.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-buwp-69zb-93hs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/349652?format=api", "vulnerability_id": "VCID-cbtm-g4t5-u3am", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34093", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1272", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34093" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34093", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34093" }, { "reference_url": "https://phabricator.wikimedia.org/T414547", "reference_id": "T414547", "reference_type": "", "scores": [ { "value": "1.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/R:A" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:14:58Z/" } ], "url": "https://phabricator.wikimedia.org/T414547" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026191?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068111?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068115?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026193?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059947?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2" } ], "aliases": [ "CVE-2026-34093" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cbtm-g4t5-u3am" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/349650?format=api", "vulnerability_id": "VCID-d5vz-puw9-t7er", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34088", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12853", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34088" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34088", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34088" }, { "reference_url": "https://phabricator.wikimedia.org/T410429", "reference_id": "T410429", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/R:U/RE:M" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T16:03:25Z/" } ], "url": "https://phabricator.wikimedia.org/T410429" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026191?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068111?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068115?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026193?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059947?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2" } ], "aliases": [ "CVE-2026-34088" ], "risk_score": 0.4, "exploitability": "0.5", "weighted_severity": "0.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d5vz-puw9-t7er" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/349653?format=api", "vulnerability_id": "VCID-kw32-af5a-hqg8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34095", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11568", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34095" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34095", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34095" }, { "reference_url": "https://phabricator.wikimedia.org/T419192", "reference_id": "T419192", "reference_type": "", "scores": [ { "value": "0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:03:59Z/" } ], "url": "https://phabricator.wikimedia.org/T419192" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026191?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068111?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068115?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026193?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059947?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2" } ], "aliases": [ "CVE-2026-34095" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kw32-af5a-hqg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/349883?format=api", "vulnerability_id": "VCID-q7k6-59z5-d7a7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34094", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11568", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34094" }, { "reference_url": "https://phabricator.wikimedia.org/T416090", "reference_id": "T416090", "reference_type": "", "scores": [ { "value": "2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:06:55Z/" } ], "url": "https://phabricator.wikimedia.org/T416090" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1068115?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026193?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059947?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2" } ], "aliases": [ "CVE-2026-34094" ], "risk_score": 0.6, "exploitability": "0.5", "weighted_severity": "1.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q7k6-59z5-d7a7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/349648?format=api", "vulnerability_id": "VCID-wktm-ya6k-v7dv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34086", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24253", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34086" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34086", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34086" }, { "reference_url": "https://phabricator.wikimedia.org/T415584", "reference_id": "T415584", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/S:N/AU:Y" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T17:33:23Z/" } ], "url": "https://phabricator.wikimedia.org/T415584" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1068111?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026192?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068115?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026193?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059947?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2" } ], "aliases": [ "CVE-2026-34086" ], "risk_score": 0.7, "exploitability": "0.5", "weighted_severity": "1.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wktm-ya6k-v7dv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/349649?format=api", "vulnerability_id": "VCID-x8t7-agtn-zudu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34087", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1272", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34087" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34087", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34087" }, { "reference_url": "https://phabricator.wikimedia.org/T412061", "reference_id": "T412061", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/S:N/AU:Y/R:A/RE:M" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T16:03:46Z/" } ], "url": "https://phabricator.wikimedia.org/T412061" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026191?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068111?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068115?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026193?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059947?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2" } ], "aliases": [ "CVE-2026-34087" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x8t7-agtn-zudu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/349882?format=api", "vulnerability_id": "VCID-xdct-ca96-3uat", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34091", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12853", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34091" }, { "reference_url": "https://phabricator.wikimedia.org/T411305", "reference_id": "T411305", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/R:U" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T16:03:01Z/" } ], "url": "https://phabricator.wikimedia.org/T411305" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1068115?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026193?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059947?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2" } ], "aliases": [ "CVE-2026-34091" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xdct-ca96-3uat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/349651?format=api", "vulnerability_id": "VCID-zmax-894d-5kfd", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34092", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1272", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34092" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34092", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34092" }, { "reference_url": "https://phabricator.wikimedia.org/T384147", "reference_id": "T384147", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T15:50:50Z/" } ], "url": "https://phabricator.wikimedia.org/T384147" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026191?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068111?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068115?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026193?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059947?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2" } ], "aliases": [ "CVE-2026-34092" ], "risk_score": 0.7, "exploitability": "0.5", "weighted_severity": "1.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zmax-894d-5kfd" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1" }