CVE-2026-58517

Summary

Improper neutralization of input terminators vulnerability in The Wikimedia Foundation Mediawiki - WikiLambda Extension allows Authentication Bypass.

This issue affects Mediawiki - WikiLambda Extension: from * before 1.43.9,1.44.6,1.45.4.

Affected Software

VendorProductVersion RangeStatus
The Wikimedia FoundationMediawiki - WikiLambda Extension* < 1.43.9,1.44.6,1.45.4affected

Weaknesses

  • CWE-288: CWE-288 Authentication bypass using an alternate path or channel

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References