{"id":"CVE-2026-34088","details":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki.\n\nThis issue affects MediaWiki: from * before 1.43.7, 1.44.4, 1.45.2.","modified":"2026-07-08T08:12:51.174326331Z","published":"2026-05-11T16:17:30.157Z","database_specific":{},"references":[{"type":"REPORT","url":"https://phabricator.wikimedia.org/T410429"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/wikimedia/mediawiki","events":[{"introduced":"0"},{"fixed":"59b795f1b1b2f664b0f9d966b93f8a3347d3d17c"},{"introduced":"858ee255edbe0da2ff8152df403cac2dba2c9948"},{"fixed":"d97186dd0b639fe0d4e98e839df52497f2a632a7"},{"introduced":"99b4a221a98c0ac1531c3f4e31248562833dbc82"},{"fixed":"1367e89489e17de24356ad6d3c473a649ee3a03b"}],"database_specific":{"cpe":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","source":"CPE_RANGE","extracted_events":[{"introduced":"0"},{"fixed":"1.43.7"},{"introduced":"1.44.0"},{"fixed":"1.44.4"},{"introduced":"1.45.0"},{"fixed":"1.45.2"}]}}],"versions":["1.45.1","1.44.3","1.43.6","1.45.0","1.43.5","1.44.2","1.43.4","1.44.0","1.43.3","1.43.2","1.43.1","1.43.0","1.43.0-rc.0","test-hashar-for-ci","1.6.0","1.5.0beta4","1.5.0beta3","1.5.0beta2","1.5.0beta1","1.5.0alpha2","1.5.0alpha1","1.3.0beta1","1.1.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-34088.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}