CVE-2026-58027
MediumCVSS 5.3Exploitation Probability (EPSS)
Low risk30th percentile — higher than 30% of all known CVEs
Summary
A vulnerability in the Wikimedia Foundation AbuseFilter extension allows an unauthorized actor to access sensitive information. The issue is located in the file includes/Api/QueryAbuseFilters.php.
Risk Assessment
The organization is at risk of leaking confidential data related to abuse filters, which could lead to user privacy breaches or exposure of internal security rules.
Recommendation
Immediately update AbuseFilter to version 1.46.0, 1.45.4, 1.44.6, or 1.43.9 depending on the branch in use.
Original NVD description (English source)
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/Api/QueryAbuseFilters.Php. This issue affects AbuseFilter: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

