{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","type":"deb","namespace":"debian","name":"mediawiki","version":"1:1.43.5+dfsg-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1:1.43.6+dfsg-1","latest_non_vulnerable_version":"1:1.43.8+dfsg-2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64775?format=json","vulnerability_id":"VCID-27j6-j549-6fak","summary":"MediaWiki: MediaWiki: Cross-site Scripting via improper input neutralization","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61637.json","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61637.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61637","reference_id":"","reference_type":"","scores":[{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00261","published_at":"2026-04-08T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00267","published_at":"2026-04-04T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00259","published_at":"2026-04-09T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00263","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00363","published_at":"2026-05-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00369","published_at":"2026-04-26T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00365","published_at":"2026-05-05T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00353","published_at":"2026-04-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0035","published_at":"2026-04-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00348","published_at":"2026-04-13T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00343","published_at":"2026-04-16T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00347","published_at":"2026-04-18T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0037","published_at":"2026-04-21T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00368","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61637"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436128","reference_id":"2436128","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436128"},{"reference_url":"https://phabricator.wikimedia.org/T394856","reference_id":"T394856","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:10:43Z/"}],"url":"https://phabricator.wikimedia.org/T394856"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930620?format=json","purl":"pkg:deb/debian/mediawiki@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61637"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-27j6-j549-6fak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96834?format=json","vulnerability_id":"VCID-4yhr-jjt9-afaq","summary":"Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiQueryAllPages.Php.  This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61641","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00371","published_at":"2026-04-08T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00385","published_at":"2026-04-04T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00372","published_at":"2026-04-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00374","published_at":"2026-04-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00565","published_at":"2026-05-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00558","published_at":"2026-05-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00567","published_at":"2026-05-05T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00525","published_at":"2026-04-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00523","published_at":"2026-04-12T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00524","published_at":"2026-04-13T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00521","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00526","published_at":"2026-04-18T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0056","published_at":"2026-04-29T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00556","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61641"},{"reference_url":"https://phabricator.wikimedia.org/T298690","reference_id":"T298690","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:09:22Z/"}],"url":"https://phabricator.wikimedia.org/T298690"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930700?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61641"],"risk_score":0.5,"exploitability":"0.5","weighted_severity":"1.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4yhr-jjt9-afaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/335430?format=json","vulnerability_id":"VCID-7kax-fqa1-kfbu","summary":"Vulnerability in Wikimedia Foundation DiscussionTools.This issue affects DiscussionTools: from * before 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61652","reference_id":"","reference_type":"","scores":[{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28662","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28702","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28664","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.2875","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28557","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28622","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30947","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30872","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30942","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31454","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31417","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31451","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3143","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31398","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31227","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31102","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31023","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61652"},{"reference_url":"https://phabricator.wikimedia.org/T397580","reference_id":"T397580","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T20:57:48Z/"}],"url":"https://phabricator.wikimedia.org/T397580"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930620?format=json","purl":"pkg:deb/debian/mediawiki@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61652"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7kax-fqa1-kfbu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96839?format=json","vulnerability_id":"VCID-7wh4-say2-pqap","summary":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files src/ce/ve.Ce.ClipboardHandler.Js.  This issue affects VisualEditor: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61656","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05235","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06436","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06029","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06179","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06193","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06225","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06232","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.0625","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06362","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06064","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06056","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06021","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14358","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.1447","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14276","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14413","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14403","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61656"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61656","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61656"},{"reference_url":"https://phabricator.wikimedia.org/T397232","reference_id":"T397232","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:00:27Z/"}],"url":"https://phabricator.wikimedia.org/T397232"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930700?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61656"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7wh4-say2-pqap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64772?format=json","vulnerability_id":"VCID-8uw8-ja3w-r3da","summary":"MediaWiki: MediaWiki: Cross-site Scripting (XSS) vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11261.json","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11261.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11261","reference_id":"","reference_type":"","scores":[{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00263","published_at":"2026-04-07T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00267","published_at":"2026-04-04T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00259","published_at":"2026-04-11T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00261","published_at":"2026-04-08T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00363","published_at":"2026-05-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0037","published_at":"2026-04-21T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00368","published_at":"2026-05-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00369","published_at":"2026-04-26T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00365","published_at":"2026-05-05T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0035","published_at":"2026-04-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00348","published_at":"2026-04-13T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00343","published_at":"2026-04-16T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00347","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11261"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11261","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11261"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436168","reference_id":"2436168","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436168"},{"reference_url":"https://phabricator.wikimedia.org/T402077","reference_id":"T402077","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:07:05Z/"}],"url":"https://phabricator.wikimedia.org/T402077"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930700?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-11261"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8uw8-ja3w-r3da"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/335431?format=json","vulnerability_id":"VCID-a11n-r5nu-pben","summary":"Vulnerability in Wikimedia Foundation Thanks. This vulnerability is associated with program files includes/ThanksQueryHelper.Php.\n\nThis issue affects Thanks: from * before 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61654","reference_id":"","reference_type":"","scores":[{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23018","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23185","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23163","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23144","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23091","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23229","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25304","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25342","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25296","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25179","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25244","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25478","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25421","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25427","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25417","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25385","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25348","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61654"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62661","reference_id":"CVE-2025-62661","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:01:13Z/"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62661"},{"reference_url":"https://phabricator.wikimedia.org/T397497","reference_id":"T397497","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:01:13Z/"}],"url":"https://phabricator.wikimedia.org/T397497"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930620?format=json","purl":"pkg:deb/debian/mediawiki@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61654"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a11n-r5nu-pben"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/335432?format=json","vulnerability_id":"VCID-b2ha-594t-9qgw","summary":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Vector. This vulnerability is associated with program files resources/skins.Vector.Js/stickyHeader.Js.\n\nThis issue affects Vector: from * before 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61657","reference_id":"","reference_type":"","scores":[{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13053","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13067","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13015","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13121","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.12923","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13002","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13586","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13344","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13501","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13628","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.1358","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13494","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13491","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13562","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13575","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13547","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13438","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61657"},{"reference_url":"https://phabricator.wikimedia.org/T398636","reference_id":"T398636","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:00:09Z/"}],"url":"https://phabricator.wikimedia.org/T398636"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930620?format=json","purl":"pkg:deb/debian/mediawiki@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61657"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b2ha-594t-9qgw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96837?format=json","vulnerability_id":"VCID-den1-257q-euc9","summary":"Vulnerability in Wikimedia Foundation TextExtracts. This vulnerability is associated with program files includes/ApiQueryExtracts.Php.  This issue affects TextExtracts: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61653","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24981","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25053","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24995","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25092","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24867","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24936","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25449","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25319","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25388","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25636","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25579","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25581","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25566","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25538","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.2549","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25482","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25435","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61653"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61653","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61653"},{"reference_url":"https://phabricator.wikimedia.org/T397577","reference_id":"T397577","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T20:59:18Z/"}],"url":"https://phabricator.wikimedia.org/T397577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930700?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61653"],"risk_score":0.8,"exploitability":"0.5","weighted_severity":"1.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-den1-257q-euc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96449?format=json","vulnerability_id":"VCID-e8np-4nbw-t3b3","summary":"Vulnerability in Wikimedia Foundation OATHAuth. This vulnerability is associated with program files src/Special/OATHManage.Php.  This issue affects OATHAuth: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11173","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03672","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03646","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03658","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03696","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03675","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03661","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04164","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04103","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04137","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04097","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04125","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03986","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03956","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03936","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03948","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0407","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04085","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11173"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11173","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11173"},{"reference_url":"https://phabricator.wikimedia.org/T401862","reference_id":"T401862","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:07:50Z/"}],"url":"https://phabricator.wikimedia.org/T401862"},{"reference_url":"https://phabricator.wikimedia.org/T402094","reference_id":"T402094","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:07:50Z/"}],"url":"https://phabricator.wikimedia.org/T402094"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930700?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-11173"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e8np-4nbw-t3b3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96833?format=json","vulnerability_id":"VCID-fptt-2t1j-8fec","summary":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/ManualLogEntry.Php, includes/recentchanges/RecentChangeFactory.Php, includes/recentchanges/RecentChangeStore.Php.  This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61639","reference_id":"","reference_type":"","scores":[{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00487","published_at":"2026-04-08T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00496","published_at":"2026-04-02T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00485","published_at":"2026-04-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00491","published_at":"2026-04-04T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00489","published_at":"2026-04-07T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00714","published_at":"2026-05-09T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00727","published_at":"2026-05-05T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.0072","published_at":"2026-05-07T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00685","published_at":"2026-04-11T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00678","published_at":"2026-04-13T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00671","published_at":"2026-04-16T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00677","published_at":"2026-04-18T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00716","published_at":"2026-04-21T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00718","published_at":"2026-04-24T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00719","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61639"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61639","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61639"},{"reference_url":"https://phabricator.wikimedia.org/T280413","reference_id":"T280413","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:10:07Z/"}],"url":"https://phabricator.wikimedia.org/T280413"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930700?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61639"],"risk_score":0.5,"exploitability":"0.5","weighted_severity":"1.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fptt-2t1j-8fec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/335423?format=json","vulnerability_id":"VCID-gad5-ezcv-37a2","summary":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLButtonField.Php.\n\nThis issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61636","reference_id":"","reference_type":"","scores":[{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00261","published_at":"2026-04-08T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00267","published_at":"2026-04-04T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00259","published_at":"2026-04-09T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00263","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00363","published_at":"2026-05-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00369","published_at":"2026-04-26T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00365","published_at":"2026-05-05T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00353","published_at":"2026-04-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0035","published_at":"2026-04-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00348","published_at":"2026-04-13T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00343","published_at":"2026-04-16T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00347","published_at":"2026-04-18T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0037","published_at":"2026-04-21T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00368","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61636"},{"reference_url":"https://phabricator.wikimedia.org/T394396","reference_id":"T394396","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/U:Clear"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:13:06Z/"}],"url":"https://phabricator.wikimedia.org/T394396"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930620?format=json","purl":"pkg:deb/debian/mediawiki@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61636"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gad5-ezcv-37a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64777?format=json","vulnerability_id":"VCID-hjjw-pz2f-rqg2","summary":"MediaWiki: MediaWiki: Cross-site Scripting (XSS) vulnerability via improper input neutralization","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61642.json","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61642.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61642","reference_id":"","reference_type":"","scores":[{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00261","published_at":"2026-04-08T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00267","published_at":"2026-04-04T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00259","published_at":"2026-04-09T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00263","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00363","published_at":"2026-05-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00369","published_at":"2026-04-26T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00365","published_at":"2026-05-05T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00353","published_at":"2026-04-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0035","published_at":"2026-04-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00348","published_at":"2026-04-13T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00343","published_at":"2026-04-16T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00347","published_at":"2026-04-18T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0037","published_at":"2026-04-21T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00368","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61642"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436104","reference_id":"2436104","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436104"},{"reference_url":"https://phabricator.wikimedia.org/T402313","reference_id":"T402313","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:16:31Z/"}],"url":"https://phabricator.wikimedia.org/T402313"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930620?format=json","purl":"pkg:deb/debian/mediawiki@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61642"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hjjw-pz2f-rqg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96831?format=json","vulnerability_id":"VCID-m1xy-yucr-dqfs","summary":"Vulnerability in Wikimedia Foundation ConfirmEdit. This vulnerability is associated with program files includes/FancyCaptcha/ApiFancyCaptchaReload.Php.  This issue affects ConfirmEdit: *.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61635","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03675","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03646","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03696","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03661","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03672","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04164","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04097","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04125","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04001","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03986","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03956","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03936","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03948","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0407","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04085","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04103","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04137","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61635"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61635","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61635"},{"reference_url":"https://phabricator.wikimedia.org/T355073","reference_id":"T355073","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y/RE:M/U:Amber"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:13:27Z/"}],"url":"https://phabricator.wikimedia.org/T355073"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930700?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61635"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m1xy-yucr-dqfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96836?format=json","vulnerability_id":"VCID-mbs4-gs37-1fh5","summary":"Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/RecentChanges/EnhancedChangesList.Php.  This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61646","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00382","published_at":"2026-04-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00396","published_at":"2026-04-04T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00383","published_at":"2026-04-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00385","published_at":"2026-04-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00588","published_at":"2026-05-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00593","published_at":"2026-05-05T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00591","published_at":"2026-05-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00547","published_at":"2026-04-12T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00548","published_at":"2026-04-13T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00545","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0055","published_at":"2026-04-18T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00587","published_at":"2026-04-21T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00584","published_at":"2026-04-24T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00586","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61646"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61646","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61646"},{"reference_url":"https://phabricator.wikimedia.org/T398706","reference_id":"T398706","reference_type":"","scores":[{"value":"1.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:04:40Z/"}],"url":"https://phabricator.wikimedia.org/T398706"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930700?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61646"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mbs4-gs37-1fh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64776?format=json","vulnerability_id":"VCID-pm3s-z5ap-qqay","summary":"MediaWiki: MediaWiki: Arbitrary code execution via Cross-site Scripting (XSS)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61640.json","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61640.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61640","reference_id":"","reference_type":"","scores":[{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00261","published_at":"2026-04-08T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00267","published_at":"2026-04-04T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00259","published_at":"2026-04-09T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00263","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00363","published_at":"2026-05-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00369","published_at":"2026-04-26T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00365","published_at":"2026-05-05T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00353","published_at":"2026-04-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0035","published_at":"2026-04-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00348","published_at":"2026-04-13T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00343","published_at":"2026-04-16T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00347","published_at":"2026-04-18T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0037","published_at":"2026-04-21T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00368","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61640"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61640","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61640"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436106","reference_id":"2436106","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436106"},{"reference_url":"https://phabricator.wikimedia.org/T402075","reference_id":"T402075","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:09:45Z/"}],"url":"https://phabricator.wikimedia.org/T402075"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930700?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61640"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pm3s-z5ap-qqay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/335422?format=json","vulnerability_id":"VCID-r5gb-8nuq-2yca","summary":"Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Rest/Handler/PageHTMLHandler.Php.\n\nThis issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61634","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00405","published_at":"2026-04-08T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00416","published_at":"2026-04-04T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00407","published_at":"2026-04-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00409","published_at":"2026-04-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00628","published_at":"2026-05-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00621","published_at":"2026-04-24T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00631","published_at":"2026-05-05T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00586","published_at":"2026-04-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00582","published_at":"2026-04-12T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00584","published_at":"2026-04-18T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00579","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00624","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61634"},{"reference_url":"https://phabricator.wikimedia.org/T387478","reference_id":"T387478","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/RE:M/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:15:08Z/"}],"url":"https://phabricator.wikimedia.org/T387478"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930620?format=json","purl":"pkg:deb/debian/mediawiki@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61634"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r5gb-8nuq-2yca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96832?format=json","vulnerability_id":"VCID-sr9a-a6vt-1qgt","summary":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid. This vulnerability is associated with program files includes/parser/Sanitizer.Php, src/Core/Sanitizer.Php.  This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1; Parsoid: from * before 0.16.6, 0.20.4, 0.21.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61638","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00312","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00323","published_at":"2026-04-02T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00311","published_at":"2026-04-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00321","published_at":"2026-04-04T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00466","published_at":"2026-05-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00461","published_at":"2026-04-29T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00464","published_at":"2026-05-05T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00437","published_at":"2026-04-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00432","published_at":"2026-04-12T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00431","published_at":"2026-04-13T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00428","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00433","published_at":"2026-04-18T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00463","published_at":"2026-05-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00462","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61638"},{"reference_url":"https://phabricator.wikimedia.org/T401099","reference_id":"T401099","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:10:22Z/"}],"url":"https://phabricator.wikimedia.org/T401099"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930700?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61638"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sr9a-a6vt-1qgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/309712?format=json","vulnerability_id":"VCID-vaaj-f4v8-qbhj","summary":"Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') vulnerability in The Wikimedia Foundation Mediawiki - DiscussionTools Extension allows Regular Expression Exponential Blowup.This issue affects Mediawiki - DiscussionTools Extension: 1.44, 1.43.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11175","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.021","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02093","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02095","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02466","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02322","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02307","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02313","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02411","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02393","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02382","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02435","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02426","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02338","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.0236","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02337","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02324","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11175"},{"reference_url":"https://gerrit.wikimedia.org/r/q/I126203ab1d3ec8c1719cbb5460a887e4d0c2cc6d","reference_id":"I126203ab1d3ec8c1719cbb5460a887e4d0c2cc6d","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-30T19:28:31Z/"}],"url":"https://gerrit.wikimedia.org/r/q/I126203ab1d3ec8c1719cbb5460a887e4d0c2cc6d"},{"reference_url":"https://gerrit.wikimedia.org/r/q/I563219f3298a8740e158d130492bf3d2897784d7","reference_id":"I563219f3298a8740e158d130492bf3d2897784d7","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-30T19:28:31Z/"}],"url":"https://gerrit.wikimedia.org/r/q/I563219f3298a8740e158d130492bf3d2897784d7"},{"reference_url":"https://phabricator.wikimedia.org/T364910","reference_id":"T364910","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-30T19:28:31Z/"}],"url":"https://phabricator.wikimedia.org/T364910"},{"reference_url":"https://phabricator.wikimedia.org/T396248","reference_id":"T396248","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-30T19:28:31Z/"}],"url":"https://phabricator.wikimedia.org/T396248"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930620?format=json","purl":"pkg:deb/debian/mediawiki@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-11175"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vaaj-f4v8-qbhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96838?format=json","vulnerability_id":"VCID-vjd5-jv5h-yfhw","summary":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files includes/ApiVisualEditorEdit.Php, modules/ve-mw/init/targets/ve.Init.Mw.DesktopArticleTarget.Js, modules/ve-mw/ui/dialogs/ve.Ui.MWSaveDialog.Js.  This issue affects VisualEditor: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61655","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04535","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05892","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05502","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05664","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.057","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05736","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05742","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05749","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05825","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05549","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05542","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05492","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13002","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13121","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.12923","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13053","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13067","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61655"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61655","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61655"},{"reference_url":"https://phabricator.wikimedia.org/T395858","reference_id":"T395858","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:00:47Z/"}],"url":"https://phabricator.wikimedia.org/T395858"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930700?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61655"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vjd5-jv5h-yfhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96835?format=json","vulnerability_id":"VCID-ztxx-cc2c-87at","summary":"Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/recentchanges/RecentChangeRCFeedNotifier.Php.  This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61643","reference_id":"","reference_type":"","scores":[{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00612","published_at":"2026-04-08T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00619","published_at":"2026-04-02T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00606","published_at":"2026-04-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00611","published_at":"2026-04-04T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00614","published_at":"2026-04-07T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00813","published_at":"2026-05-09T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00822","published_at":"2026-04-26T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00818","published_at":"2026-05-07T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00777","published_at":"2026-04-11T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.0077","published_at":"2026-04-12T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00772","published_at":"2026-04-16T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00776","published_at":"2026-04-18T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.0082","published_at":"2026-05-05T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00821","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61643"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61643","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61643"},{"reference_url":"https://phabricator.wikimedia.org/T403757","reference_id":"T403757","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/RE:M/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:15:36Z/"}],"url":"https://phabricator.wikimedia.org/T403757"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930700?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930701?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61643"],"risk_score":0.8,"exploitability":"0.5","weighted_severity":"1.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ztxx-cc2c-87at"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.5%252Bdfsg-1%3Fdistro=trixie"}