CVE security advisories and vulnerability history for mediawiki by wikimedia.
222
Total CVEs
Published
0
In CISA KEV
Exploited in the wild
28
Public exploits
With known exploit
5.8
Avg CVSS
2017–2026
Last updated
Overview
wikimedia mediawiki has 222 published CVE records since 2017, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 28 have a known public exploit. The average CVSS base score across scored CVEs is 5.8.
This page aggregates every publicly disclosed vulnerability (CVE) affecting wikimedia mediawiki, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.
Severity and exploitation
How the CVSS severity of wikimedia mediawiki's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.
Critical2
High7
Medium39
Low1
173 additional CVEs have no CVSS severity score.
In CISA’s Known Exploited Vulnerabilities catalog
0
None of wikimedia mediawiki's CVEs are currently listed in CISA's KEV catalog.
Public exploits
28
28 of wikimedia mediawiki's CVEs have a known public exploit available.
Affected versions and CVEs
Browse every wikimedia mediawiki version named in a CVE, then pick one to see only the CVEs that affect it.
Common questions about wikimedia mediawiki vulnerabilities.
How many CVEs does wikimedia mediawiki have?
wikimedia mediawiki has 222 published CVE records since 2017.
How many wikimedia mediawiki CVEs are in CISA KEV?
None of wikimedia mediawiki's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.
Are there public exploits for wikimedia mediawiki vulnerabilities?
Yes — 28 of wikimedia mediawiki's CVEs have a known public exploit.
Which versions of wikimedia mediawiki are affected?
912 distinct wikimedia mediawiki versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.
What are the most common weakness types in wikimedia mediawiki CVEs?
wikimedia mediawiki's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), CWE-352 (Cross-Site Request Forgery (CSRF)), CWE-532 (Insertion of Sensitive Information into Log File).
How many critical wikimedia mediawiki vulnerabilities are there?
wikimedia mediawiki has 2 critical and 7 high-severity CVEs.
What is the average severity of wikimedia mediawiki CVEs?
The average CVSS base score across wikimedia mediawiki's scored CVEs is 5.8.
