Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 1 CVE-2025-11598

Exposure of Confidential Information in mObywatel application_CVE-2025-11598

In mObywatel iOS application an unauthorized user can use the App Switcher to view the account owner's personal information in the minimized app wi...

Centralny Ośrodek Informatyki mObywatel CVE
LOW 1.7 CVE-2025-67482

Lua segfault in unpack()_CVE-2025-67482

Vulnerability in Wikimedia Foundation Scribunto, Wikimedia Foundation luasandbox. This vulnerability is associated with program files includes/Engi...

Wikimedia Foundation Scribunto * CVE
LOW 0.3 CVE-2025-61647

UserInfoCard: Don’t allow access to information about users who are suppressed if you don’t have suppressor rights_CVE-2025-61647

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Api/Rest/Handler/UserInfoHandler.Php. Thi...

Wikimedia Foundation CheckUser a3dc1bbcc33acbcca6831d6afaccbb1054c93a57, 0584eb2ad564648aa3ce9c555dd044dda02b55f4 CVE
LOW 1.1 CVE-2025-61650

UserInfoCard is vulnerable to message key stored XSS_CVE-2025-61650

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation CheckUser. This v...

Wikimedia Foundation CheckUser * CVE
LOW 1.1 CVE-2025-61649

UserInfoCard: Check that performing user has permission to view log entries for number of past blocks_CVE-2025-61649

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Services/CheckUserUserInfoCardService.Php....

Wikimedia Foundation CheckUser 7cedd58781d261f110651b6af4f41d2d11ae7309 CVE
LOW 1.2 CVE-2025-61646

Watchlist group mode reveals authors of edits with hidden authorship_CVE-2025-61646

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/RecentChanges/EnhancedChangesList.Php...

Wikimedia Foundation MediaWiki * CVE
LOW 1.3 CVE-2025-67476

Importing leaks IP address of importer via EventStreams_CVE-2025-67476

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Import/ImportableOldRevisionImporter....

Wikimedia Foundation MediaWiki * CVE
LOW 1.3 CVE-2025-61658

Special:GlobalContributions shows edits on wikis the viewer doesn’t have access to_CVE-2025-61658

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContributionsPag...

Wikimedia Foundation CheckUser * CVE
LOW 2.7 CVE-2025-61653

Extension:TextExtracts does not check for authorizeRead when returning extracts_CVE-2025-61653

Vulnerability in Wikimedia Foundation TextExtracts. This vulnerability is associated with program files includes/ApiQueryExtracts.Php. This issue ...

Wikimedia Foundation TextExtracts * CVE
LOW 2.7 CVE-2025-61652

Action API discussiontoolspageinfo does not check for authorizeRead for the page_CVE-2025-61652

Vulnerability in Wikimedia Foundation DiscussionTools.This issue affects DiscussionTools: from * before 1.43.4, 1.44.1.

Wikimedia Foundation DiscussionTools * CVE