Wikimedia Foundation CheckUser UserMailer.php Vulnerability

Vulnerability

A vulnerability exists in the Wikimedia Foundation CheckUser extension, specifically in the UserMailer.php file. This issue affects CheckUser versions prior to 1.39.14, as well as 1.43.4 and 1.44.1.

Impact

Exploitation of this vulnerability could lead to unauthorized access or manipulation of user mailer functionalities within the CheckUser extension.

Added: Feb 3, 2026, 2:21 AM

Updated: Feb 3, 2026, 2:21 AM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

0.0

exploitability

7.6

remediation

0.0

relevance

2.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

0.0

exploitability

7.6

remediation

0.0

relevance

2.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Wikimedia Foundation CheckUser UserMailer.php Vulnerability

Vulnerability

Impact

Affected Products

Wikimedia Foundation CheckUser

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating