Vulnerability in CheckUser by Wikimedia Foundation
CVE-2025-61658

1.3LOW

Key Information:

Vendor

Wikimedia Foundation

Status
Checkuser
Vendor
CVE Published:
3 February 2026

What is CVE-2025-61658?

A security flaw exists in the CheckUser tool developed by the Wikimedia Foundation, particularly affecting versions prior to 1.43.4 and 1.44.1. This vulnerability could allow unauthorized access to sensitive functionalities within the CheckUser application, which is designed to assist in user verification and abuse prevention. Users of the affected versions are strongly advised to update to the latest version to mitigate any potential risks related to this vulnerability.

Affected Version(s)

CheckUser * < 1.43.4, 1.44.1

References

https://phabricator.wikimedia.org/T404805

CVSS V4

Score:
1.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.