Vulnerability in Wikimedia Foundation AbuseFilter Affecting Multiple Versions
CVE-2026-34086

2.1LOW

Key Information:

Vendor: Wikimedia Foundation
Status: Abusefilter
Vendor: CVE Published:; 11 May 2026

🔔 Create Wikimedia Foundation Vulnerability Alert

What is CVE-2026-34086?

Wikimedia Foundation's AbuseFilter has a notable security flaw that impacts multiple versions, including versions before 1.43.7 and versions 1.44.4 and 1.45.2. This vulnerability may expose systems utilizing the software to various security risks, potentially enabling unauthorized actions or data manipulation. Users are advised to assess their current versions and apply the latest patches to mitigate such risks and enhance their security posture.

Affected Version(s)

AbuseFilter * < 1.43.7, 1.44.4, 1.45.2

References

https://phabricator.wikimedia.org/T415584

CVSS V4

Score:

2.1

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 11, 2026
Vulnerability Reserved
Mar 25, 2026

CVE-2026-34086 Data

JSON