CVE Catalog
CVE-2026-13706
UnknownCVSS 0.0Exploitation Probability (EPSS)
Low risk0.28%
20th percentile — higher than 20% of all known CVEs
Summary
An improper input validation vulnerability has been discovered in the Wikimedia Foundation UrlShortener library. The issue is located in the includes/UrlShortenerUtils.php file.
Risk Assessment
An attacker could exploit this flaw to manipulate URL shortening, potentially leading to redirects to malicious sites or other phishing attacks.
Recommendation
Immediately update the UrlShortener library to the latest patched version. Additionally, implement extra input validation in applications using this component.
Original NVD description (English source)
Improper input validation vulnerability in Wikimedia Foundation UrlShortener. This vulnerability is associated with program files includes/UrlShortenerUtils.Php.

