LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 1.3	CVE-2025-67476	Importing leaks IP address of importer via EventStreams_CVE-2025-67476 Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Import/ImportableOldRevisionImporter....	Wikimedia Foundation	MediaWiki *	Feb 3, 2026	CVE
LOW 1.3	CVE-2025-61658	Special:GlobalContributions shows edits on wikis the viewer doesn’t have access to_CVE-2025-61658 Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContributionsPag...	Wikimedia Foundation	CheckUser *	Feb 3, 2026	CVE
LOW 2.7	CVE-2025-61653	Extension:TextExtracts does not check for authorizeRead when returning extracts_CVE-2025-61653 Vulnerability in Wikimedia Foundation TextExtracts. This vulnerability is associated with program files includes/ApiQueryExtracts.Php. This issue ...	Wikimedia Foundation	TextExtracts *	Feb 3, 2026	CVE
LOW 2.7	CVE-2025-61652	Action API discussiontoolspageinfo does not check for authorizeRead for the page_CVE-2025-61652 Vulnerability in Wikimedia Foundation DiscussionTools.This issue affects DiscussionTools: from * before 1.43.4, 1.44.1.	Wikimedia Foundation	DiscussionTools *	Feb 3, 2026	CVE
LOW 2.3	CVE-2026-25221	PolarLearn has Multiple Login CSRFs via Missing OAuth state Parameter (GitHub & Google)_CVE-2026-25221 PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for GitHub and Google login pro...	polarnl	PolarLearn <= v0-PRERELEASE-15	Feb 2, 2026	CVE
LOW 2.3	CVE-2025-6927	Autoblocks from global account suppressions are publicly visible_CVE-2025-6927 Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/specials/pagers/BlockListPager.Php, i...	Wikimedia Foundation	MediaWiki >= 1.42.0	Feb 2, 2026	CVE
LOW 2.1	CVE-2025-6593	“{{SITENAME}} registered email address has been changed” email sent to unverified email addresses_CVE-2025-6593 Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/user/User.Php. This issue affects Me...	Wikimedia Foundation	MediaWiki 1.27.0	Feb 2, 2026	CVE
LOW 2.1	CVE-2025-6592	Creating a permanent account from a temporary account associates temp username and IP address with real username in AbuseLog_CVE-2025-6592 Vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/auth/AuthManager.Php. This issue a...	Wikimedia Foundation	AbuseFilter fe0b1cb9e9691faf4d8d9bd80646589f6ec37615	Feb 2, 2026	CVE
LOW 2.1	CVE-2025-6589	With MultiBlocks enabled and a user who is suppressed via a MultiBlock, a user without ‘hideuser’ can see the hidden username in the BlockList_CVE-2025-6589 Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/specials/pagers/BlockListPager.Php. ...	Wikimedia Foundation	MediaWiki >= 1.42.0	Feb 2, 2026	CVE
LOW 2.8	CVE-2025-36194	This Power System update is being released to address_CVE-2025-36194 IBM PowerVM Hypervisor FW1110.00 through FW1110.03, FW1060.00 through FW1060.51, and FW950.00 through FW950.F0 may expose a limited amount of data ...	IBM	PowerVM Hypervisor FW1110.00	Feb 2, 2026	CVE