Vulnerability Details CVE-2026-58036
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki.
This vulnerability is associated with program files includes/Api/ApiQueryAllUsers.Php, includes/Api/ApiQueryUsers.Php, includes/Permissions/PermissionManager.Php, includes/User/UserGroupManager.Php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 15.4%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2026-58036
-
cpe:2.3:a:mediawiki:mediawiki:1.46.0