PatchSiren

The Wikimedia Foundation CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM The Wikimedia Foundation CVE published 2026-07-01

CVE-2026-14363

CVE-2026-14363 is a SQL injection vulnerability in the Mediawiki - Cargo Extension. The issue affects Mediawiki - Cargo Extension versions before 1.43.9, 1.44.6, and 1.45.4. This vulnerability allows for SQL injection attacks, potentially leading to unauthorized data access or modification. Users should review the official CVE record and NVD details for accurate affected versions and upgrade guidance. The [truncated]