CVE-2025-61649

UserInfoCard: Check that performing user has permission to view log entries for number of past blocks

Description

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Services/CheckUserUserInfoCardService.Php. This issue affects CheckUser: from 7cedd58781d261f110651b6af4f41d2d11ae7309.

INFO

Published Date :

2026-02-03T00:17:18.105Z

Last Modified :

2026-03-03T15:46:41.380Z

Source :

wikimedia-foundation

AFFECTED PRODUCTS

The following products are affected by CVE-2025-61649 vulnerability.

Vendors	Products
Wikimedia	Checkuser

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-61649.

URL	Resource
https://phabricator.wikimedia.org/T397396

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability