PatchSiren cyber security CVE debrief
CVE-2026-8857 Wikimedia Foundation CVE debrief
A vulnerability in Wikimedia Foundation timeline affects Mediawiki versions before 1.46.0, 1.45.4, 1.44.6, and 1.43.9. This issue is associated with program files scripts/EasyTimeline.Pl and includes/Timeline.Php. The vulnerability has a CVSS severity of NONE and a CVSS score that is not provided. Users of affected Mediawiki versions should be aware of this vulnerability and take necessary defensive actions. The CVE record was published on 2026-07-01T16:16:53.847Z and last modified on 2026-07-09T17:20:24.080Z.
- Vendor
- Wikimedia Foundation
- Product
- timeline
- CVSS
- NONE
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-01
- Original CVE updated
- 2026-07-09
- Advisory published
- 2026-07-01
- Advisory updated
- 2026-07-09
Who should care
Users of Mediawiki versions before 1.46.0, 1.45.4, 1.44.6, and 1.43.9 should be aware of this vulnerability and take necessary defensive actions. This includes operators, platform administrators, vulnerability management teams, and security teams who need to review and mitigate this vulnerability.
Technical summary
The vulnerability in Wikimedia Foundation timeline is associated with program files scripts/EasyTimeline.Pl and includes/Timeline.Php. It affects Mediawiki versions before 1.46.0, 1.45.4, 1.44.6, and 1.43.9. The CVSS score is not provided, but the CVSS severity is NONE. The vulnerability has limited scope and potential impact.
Defensive priority
Medium priority due to limited scope and potential impact. Affected Mediawiki versions should be reviewed and patched or mitigated as necessary.
Recommended defensive actions
- Inventory and verify affected Mediawiki versions
- Apply vendor remediation or patches
- Monitor for potential exploitation attempts
- Implement compensating controls if patches cannot be applied
- Review relevant monitoring, detection, and logs for exposed assets that need extra review
Evidence notes
The CVE record was published on 2026-07-01T16:16:53.847Z and last modified on 2026-07-09T17:20:24.080Z. The NVD entry is currently Analyzed. The vulnerability affects Mediawiki versions before 1.46.0, 1.45.4, 1.44.6, and 1.43.9, associated with program files scripts/EasyTimeline.Pl and includes/Timeline.Php. Evidence is limited to CVE and NVD details.
Official resources
-
CVE-2026-8857 CVE record
CVE.org
-
CVE-2026-8857 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
c4f26cc8-17ff-4c99-b5e2-38fc1793eacc - Exploit, Third Party Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-01T16:16:53.847Z and has not been modified since then. The NVD entry is currently Analyzed.