PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-58518 The Wikimedia Foundation CVE debrief

CVE-2026-58518 is a Cross-Site request forgery (CSRF) vulnerability in Mediawiki - RedirectManager Extension. The issue affects Mediawiki - RedirectManager Extension from before 1.3.3. This vulnerability allows an attacker to perform unintended actions on behalf of a user. The vulnerability has a CVSS score of 6.9 and is classified as MEDIUM severity. Users of Mediawiki - RedirectManager Extension before version 1.3.3 should apply the patch to prevent Cross-Site request forgery (CSRF) attacks.

Vendor
The Wikimedia Foundation
Product
Mediawiki - RedirectManager Extension
CVSS
MEDIUM 6.9
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-01
Original CVE updated
2026-07-09
Advisory published
2026-07-01
Advisory updated
2026-07-09

Who should care

Users of Mediawiki - RedirectManager Extension before version 1.3.3 should apply the patch to prevent Cross-Site request forgery (CSRF) attacks. This vulnerability allows an attacker to perform unintended actions on behalf of a user. The vulnerability has a CVSS score of 6.9 and is classified as MEDIUM severity. Operators, platform administrators, vulnerability management teams, and security teams should be aware of this vulnerability and take necessary actions to mitigate it.

Technical summary

A Cross-Site request forgery (CSRF) vulnerability exists in Mediawiki - RedirectManager Extension before version 1.3.3. This vulnerability allows an attacker to perform unintended actions on behalf of a user. The vulnerability has a CVSS score of 6.9 and is classified as MEDIUM severity. The issue affects Mediawiki - RedirectManager Extension from before 1.3.3. There is limited information available about the vulnerability, and defenders should verify the affected scope and severity.

Defensive priority

Medium priority due to the CVSS score of 6.9 and the potential for Cross-Site request forgery (CSRF) attacks.

Recommended defensive actions

  • Apply the patch to upgrade Mediawiki - RedirectManager Extension to version 1.3.3 or later.
  • Implement additional security measures such as validating user requests and ensuring proper authorization.
  • Monitor for suspicious activity and implement logging and auditing to detect potential attacks.
  • Review compensating controls for exposed systems while remediation is scheduled and verified.
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review.
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented.
  • Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.

Evidence notes

The CVE record was published on 2026-07-01T05:16:22.970Z and was last modified on 2026-07-09T17:39:47.107Z. The NVD entry is currently Analyzed. The issue affects Mediawiki - RedirectManager Extension from before 1.3.3. There is limited information available about the vulnerability, and defenders should verify the affected scope and severity. The CVE record provides some details, but additional verification is necessary to ensure accurate understanding of the vulnerability.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-01T05:16:22.970Z and has not been modified since then. The NVD entry is currently Analyzed.