Every CVE whose affected-product data names Mediawiki Checkuser, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2025-67478 — CVSS 8.8 (high): Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This…
CVE-2026-34090 — CVSS 7.5 (high): Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation CheckUser. This issue affects CheckUser…
CVE-2015-2940 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the CheckUser extension for MediaWiki allows remote attackers to hijack the…
CVE-2019-18611 — CVSS 6.5 (medium): An issue was discovered in the CheckUser extension through 1.34 for MediaWiki. Certain sensitive information within oversighted edit…
CVE-2025-61648 — CVSS 6.1 (medium): Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation…
CVE-2025-61651 — CVSS 6.1 (medium): Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation…
CVE-2019-16529 — CVSS 5.3 (medium): An issue was discovered in the CheckUser extension through 1.35.0 for MediaWiki. Oversighted edit summaries are still visible in CheckUser…
CVE-2025-61658 — CVSS 4.3 (medium): Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContribut…