Description

Improper removal of sensitive information before storage or transfer vulnerability in The Wikimedia Foundation Mediawiki - CentralAuth Extension allows Resource Leak Exposure.This issue affects non release branches.

INFO

Published Date :

2026-04-07T21:44:46.515Z

Last Modified :

2026-04-08T21:58:19.900Z

Source :

wikimedia-foundation
AFFECTED PRODUCTS

The following products are affected by CVE-2026-39937 vulnerability.

Vendors Products
Wikimedia
  • Mediawiki - Centralauth Extension
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-39937.

URL Resource
https://gerrit.wikimedia.org/r/q/I0b72427fa329aee85841a2cb23dec3058edce85e cve-icon cve-icon
https://phabricator.wikimedia.org/T418122 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability