{"url":"http://public2.vulnerablecode.io/api/packages/930707?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.3%2Bdfsg-1?distro=trixie","type":"deb","namespace":"debian","name":"mediawiki","version":"1:1.43.3+dfsg-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1:1.43.5+dfsg-1","latest_non_vulnerable_version":"1:1.43.8+dfsg-2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/339301?format=json","vulnerability_id":"VCID-4r56-cjss-1kef","summary":"Vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/auth/AuthManager.Php.\n\nThis issue affects AbuseFilter: from fe0b1cb9e9691faf4d8d9bd80646589f6ec37615 before 1.43.2, 1.44.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6592","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03806","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03774","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0383","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03786","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03802","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04384","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04365","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04373","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04188","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04171","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04145","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04115","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04122","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04245","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04257","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04276","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0431","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04296","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04322","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04359","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04363","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6592"},{"reference_url":"https://phabricator.wikimedia.org/T391218","reference_id":"T391218","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T14:48:41Z/"}],"url":"https://phabricator.wikimedia.org/T391218"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930620?format=json","purl":"pkg:deb/debian/mediawiki@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062498?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-wktm-ya6k-v7dv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930707?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062497?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-6592"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4r56-cjss-1kef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96891?format=json","vulnerability_id":"VCID-95d1-mkm6-r3cq","summary":"Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiFeedContributions.Php.  This issue affects MediaWiki: from * before 1.39.13, 1.42.7 1.43.2, 1.44.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6591","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01842","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01844","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01856","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01852","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01899","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01862","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01848","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01863","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01864","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01836","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02371","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02275","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02068","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02064","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02066","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02083","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02299","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02286","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02283","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02268","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02062","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6591"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6591","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6591"},{"reference_url":"https://phabricator.wikimedia.org/T392276","reference_id":"T392276","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T15:32:29Z/"}],"url":"https://phabricator.wikimedia.org/T392276"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930703?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930702?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.13-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.13-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062498?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-wktm-ya6k-v7dv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930707?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062497?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-6591"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-95d1-mkm6-r3cq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64779?format=json","vulnerability_id":"VCID-a8nh-mvhd-bka7","summary":"MediaWiki: MediaWiki: Vulnerability in authentication management","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6597.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6597.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6597","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05716","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05644","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05743","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05684","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05676","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06374","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06353","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06362","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05974","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05965","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05955","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05921","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05932","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06083","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06105","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06134","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06142","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06164","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06264","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06339","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6597"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436116","reference_id":"2436116","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436116"},{"reference_url":"https://phabricator.wikimedia.org/T389009","reference_id":"T389009","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:12:25Z/"}],"url":"https://phabricator.wikimedia.org/T389009"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930703?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930702?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.13-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.13-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062498?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-wktm-ya6k-v7dv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930707?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062497?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-6597"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a8nh-mvhd-bka7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96893?format=json","vulnerability_id":"VCID-b5ke-cjtq-q3ev","summary":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MultimediaViewer.This issue affects MultimediaViewer: from * before 1.39.13, 1.42.7, 1.43.2, 1.44.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6595","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00444","published_at":"2026-05-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00454","published_at":"2026-05-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00445","published_at":"2026-05-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00317","published_at":"2026-04-02T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00316","published_at":"2026-04-04T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00307","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00305","published_at":"2026-04-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00428","published_at":"2026-04-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00423","published_at":"2026-04-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00422","published_at":"2026-04-18T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00418","published_at":"2026-04-16T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0045","published_at":"2026-04-21T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00449","published_at":"2026-05-14T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00451","published_at":"2026-05-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00447","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6595"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6595","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6595"},{"reference_url":"https://phabricator.wikimedia.org/T394863","reference_id":"T394863","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T19:53:03Z/"}],"url":"https://phabricator.wikimedia.org/T394863"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930703?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930702?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.13-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.13-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062498?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-wktm-ya6k-v7dv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930707?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062497?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-6595"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b5ke-cjtq-q3ev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/339300?format=json","vulnerability_id":"VCID-bh5a-psbr-jfe6","summary":"Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/specials/pagers/BlockListPager.Php.\n\nThis issue affects MediaWiki: >= 1.42.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6589","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06266","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06209","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06307","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0624","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06222","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07046","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07003","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07041","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06692","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06686","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06676","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06605","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06597","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06755","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06753","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06762","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06782","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06916","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06988","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06981","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6589"},{"reference_url":"https://phabricator.wikimedia.org/T391343","reference_id":"T391343","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/AU:Y"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:11:14Z/"}],"url":"https://phabricator.wikimedia.org/T391343"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930620?format=json","purl":"pkg:deb/debian/mediawiki@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062498?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-wktm-ya6k-v7dv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930707?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062497?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-6589"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bh5a-psbr-jfe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/339302?format=json","vulnerability_id":"VCID-cvrr-j6cm-zug4","summary":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Vector. This vulnerability is associated with program files resources/skins.Vector.Js/portlets.Js, resources/skins.Vector.Legacy.Js/portlets.Js.\n\nThis issue affects Vector: from >= 1.40.0 before 1.42.7, 1.43.2, 1.44.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6596","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05398","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05311","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0542","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05342","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05365","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06009","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05996","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06008","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05638","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0563","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05623","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05576","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0559","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05746","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05778","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05814","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05823","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05834","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05923","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05978","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05992","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6596"},{"reference_url":"https://phabricator.wikimedia.org/T396685","reference_id":"T396685","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:11:48Z/"}],"url":"https://phabricator.wikimedia.org/T396685"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930620?format=json","purl":"pkg:deb/debian/mediawiki@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062498?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-wktm-ya6k-v7dv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930707?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062497?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-6596"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cvrr-j6cm-zug4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64780?format=json","vulnerability_id":"VCID-fywr-5dsx-j7bd","summary":"MediaWiki: MediaWiki: Information disclosure via block list handling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6927.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6927.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6927","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07083","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06996","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07114","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07049","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07028","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07693","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.0765","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07692","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07488","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07475","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07464","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07388","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07374","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07503","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07461","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07452","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07421","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07567","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07636","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.0763","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6927"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436108","reference_id":"2436108","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436108"},{"reference_url":"https://phabricator.wikimedia.org/T397595","reference_id":"T397595","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:12:43Z/"}],"url":"https://phabricator.wikimedia.org/T397595"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930620?format=json","purl":"pkg:deb/debian/mediawiki@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062498?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-wktm-ya6k-v7dv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930707?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062497?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-6927"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fywr-5dsx-j7bd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96917?format=json","vulnerability_id":"VCID-h3d2-nr9e-nqbk","summary":"Improper Authentication vulnerability in Wikimedia Foundation Mediawiki - CentralAuth Extension allows : Bypass Authentication.This issue affects Mediawiki - CentralAuth Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6926","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24479","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24513","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24296","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24363","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24407","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24424","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24382","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24326","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24343","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24332","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25501","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25454","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25446","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.5073","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50607","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50639","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50717","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50647","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.5057","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50624","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50653","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6926"},{"reference_url":"https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165117","reference_id":"1165117","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-03T17:40:14Z/"}],"url":"https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165117"},{"reference_url":"https://phabricator.wikimedia.org/T389010","reference_id":"T389010","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-03T17:40:14Z/"}],"url":"https://phabricator.wikimedia.org/T389010"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930703?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930702?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.13-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.13-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062498?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-wktm-ya6k-v7dv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930707?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062497?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-6926"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h3d2-nr9e-nqbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96890?format=json","vulnerability_id":"VCID-h789-pcxv-kbgd","summary":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLUserTextField.Php.  This issue affects MediaWiki: from * through 1.39.12, 1.42.76 1.43.1, 1.44.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6590","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01801","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01803","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01527","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01531","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01534","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01538","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01541","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01727","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01717","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01716","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01705","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01706","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01796","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01808","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01802","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01847","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01809","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01795","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01812","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01817","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01794","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6590"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6590","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6590"},{"reference_url":"https://phabricator.wikimedia.org/T392746","reference_id":"T392746","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:11:34Z/"}],"url":"https://phabricator.wikimedia.org/T392746"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930703?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930702?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.13-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.13-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062498?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-wktm-ya6k-v7dv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930707?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062497?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-6590"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h789-pcxv-kbgd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64778?format=json","vulnerability_id":"VCID-k7qb-7hbj-1qc2","summary":"MediaWiki: MediaWiki: Cross-site Scripting vulnerability via improper input neutralization","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6594.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6594.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6594","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00317","published_at":"2026-04-02T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00444","published_at":"2026-05-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00447","published_at":"2026-05-15T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00454","published_at":"2026-05-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00445","published_at":"2026-05-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00316","published_at":"2026-04-04T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00307","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00305","published_at":"2026-04-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00428","published_at":"2026-04-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00423","published_at":"2026-04-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00422","published_at":"2026-04-18T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00418","published_at":"2026-04-16T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0045","published_at":"2026-04-21T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00449","published_at":"2026-05-14T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00451","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6594"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6594","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6594"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436122","reference_id":"2436122","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436122"},{"reference_url":"https://phabricator.wikimedia.org/T395063","reference_id":"T395063","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T19:57:15Z/"}],"url":"https://phabricator.wikimedia.org/T395063"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930703?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930702?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.13-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.13-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062498?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-wktm-ya6k-v7dv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930707?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062497?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-6594"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k7qb-7hbj-1qc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96892?format=json","vulnerability_id":"VCID-xtd9-wbd9-67ew","summary":"Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/user/User.Php.  This issue affects MediaWiki: from 1.27.0 before 1.39.13, 1.42.7 1.43.2, 1.44.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6593","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03675","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03646","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03696","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03661","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03672","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04199","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0417","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04186","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04001","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03986","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03956","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03936","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03948","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0407","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04085","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04103","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04137","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04097","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04125","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04164","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04166","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6593"},{"reference_url":"https://phabricator.wikimedia.org/T396230","reference_id":"T396230","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T14:42:43Z/"}],"url":"https://phabricator.wikimedia.org/T396230"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930703?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930702?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.13-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.13-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062498?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-wktm-ya6k-v7dv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930707?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062497?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-6593"],"risk_score":0.7,"exploitability":"0.5","weighted_severity":"1.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xtd9-wbd9-67ew"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.3%252Bdfsg-1%3Fdistro=trixie"}