mediawiki security advisories
5 threat alerts tracking vulnerabilities and security advisories that affect mediawiki products.
Vulnios monitors mediawiki CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent mediawiki security news in one place, or click into an individual alert for full detail.
Critical Vulnerability: CVE-2026-58521 — mediawiki — cargo
Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in The Wikimedia Foundation Mediawiki - Cargo Extension allows SQL Injection. This issue affects Med
criticalCVE-2026-58521Critical Vulnerability: CVE-2014-9487 — mediawiki — mediawiki
The getid3 library in MediaWiki before 1.24.1, 1.23.8, 1.22.15 and 1.19.23 allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External
criticalCVE-2014-9487Critical Vulnerability: CVE-2015-8009 — mediawiki — mediawiki
The MWOAuthDataStore::lookup_token function in Extension:OAuth for MediaWiki 1.25.x before 1.25.3, 1.24.x before 1.24.4, and before 1.23.11 does not properly validate the signature when checking the a
criticalCVE-2015-8009Critical Vulnerability: CVE-2015-8626 — mediawiki — mediawiki
The User::randomPassword function in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 generates passwords smaller than $wgMinimalPasswordLength, which mak
criticalCVE-2015-8626Critical Vulnerability: CVE-2025-67484 — mediawiki — mediawiki
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiFormatXml.Php. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3
criticalCVE-2025-67484
Track mediawiki exposure across your environment
Vulnios automatically cross-references your asset inventory against new mediawiki CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.
Start a free scan