CVE-2026-58033
MediumCVSS 5.3Exploitation Probability (EPSS)
Low risk34th percentile — higher than 34% of all known CVEs
Summary
A vulnerability in MediaWiki allows an unauthorized actor to access sensitive information. The issue is located in the includes/Actions/InfoAction.php file.
Risk Assessment
The organization is at risk of sensitive data leakage, which could lead to user privacy breaches and loss of trust.
Recommendation
Immediately update MediaWiki to version 1.46.0, 1.45.4, 1.44.6, or 1.43.9 depending on the branch in use.
Original NVD description (English source)
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Actions/InfoAction.Php. This issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

