Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 1.7 CVE-2025-67482

Lua segfault in unpack()

Vulnerability in Wikimedia Foundation Scribunto, Wikimedia Foundation luasandbox. This vulnerability is associated with program files includes/Engi...

Wikimedia Foundation Scribunto * CVE
LOW 0.3 CVE-2025-61647

UserInfoCard: Don’t allow access to information about users who are suppressed if you don’t have suppressor rights

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Api/Rest/Handler/UserInfoHandler.Php. Thi...

Wikimedia Foundation CheckUser a3dc1bbcc33acbcca6831d6afaccbb1054c93a57, 0584eb2ad564648aa3ce9c555dd044dda02b55f4 CVE
LOW 1.1 CVE-2025-61650

UserInfoCard is vulnerable to message key stored XSS

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation CheckUser. This v...

Wikimedia Foundation CheckUser * CVE
LOW 1.1 CVE-2025-61649

UserInfoCard: Check that performing user has permission to view log entries for number of past blocks

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Services/CheckUserUserInfoCardService.Php....

Wikimedia Foundation CheckUser 7cedd58781d261f110651b6af4f41d2d11ae7309 CVE
LOW 1.2 CVE-2025-61646

Watchlist group mode reveals authors of edits with hidden authorship

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/RecentChanges/EnhancedChangesList.Php...

Wikimedia Foundation MediaWiki * CVE
LOW 1.3 CVE-2025-67476

Importing leaks IP address of importer via EventStreams

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Import/ImportableOldRevisionImporter....

Wikimedia Foundation MediaWiki * CVE
LOW 1.3 CVE-2025-61658

Special:GlobalContributions shows edits on wikis the viewer doesn’t have access to

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContributionsPag...

Wikimedia Foundation CheckUser * CVE
LOW 2.7 CVE-2025-61653

Extension:TextExtracts does not check for authorizeRead when returning extracts

Vulnerability in Wikimedia Foundation TextExtracts. This vulnerability is associated with program files includes/ApiQueryExtracts.Php. This issue ...

Wikimedia Foundation TextExtracts * CVE
LOW 2.7 CVE-2025-61652

Action API discussiontoolspageinfo does not check for authorizeRead for the page

Vulnerability in Wikimedia Foundation DiscussionTools. This issue affects DiscussionTools: from * before 1.43.4, 1.44.1.

Wikimedia Foundation DiscussionTools * CVE
LOW 2.3 CVE-2026-25221

PolarLearn has Multiple Login CSRFs via Missing OAuth state Parameter (GitHub & Google)

PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for GitHub and Google login pro...

polarnl PolarLearn <= v0-PRERELEASE-15 CVE