CVE-2026-0817

Summary

Missing Authorization vulnerability in Wikimedia Foundation MediaWiki - CampaignEvents extension allows Privilege Abuse.This issue affects MediaWiki - CampaignEvents extension: 1.45, 1.44, 1.43, 1.39.

Affected Software

VendorProductVersion RangeStatus
Wikimedia FoundationMediaWiki - CampaignEvents extension1.45affected
Wikimedia FoundationMediaWiki - CampaignEvents extension1.44affected
Wikimedia FoundationMediaWiki - CampaignEvents extension1.43affected
Wikimedia FoundationMediaWiki - CampaignEvents extension1.39affected

Weaknesses

  • CWE-862: CWE-862 Missing Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References