Wikimedia Foundation MediaWiki VisualData Extension Regular Expression Exponential Blowup Vulnerability

Vulnerability

A vulnerability allowing regular expression exponential blowup has been identified in the Wikimedia Foundation MediaWiki VisualData Extension, specifically in version 1.45. This issue arises from inefficient regular expression complexity, which can lead to performance degradation by causing certain patterns to take an excessive amount of time to process.

Impact

Exploitation of this vulnerability can lead to a denial-of-service condition, where the application becomes unresponsive or significantly slower due to the excessive processing time required by the problematic regular expressions.

Added: Jan 7, 2026, 7:30 PM

Updated: Jan 7, 2026, 9:32 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.1

remediation

0.0

relevance

1.9

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.1

remediation

0.0

relevance

1.9

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Wikimedia Foundation MediaWiki VisualData Extension Regular Expression Exponential Blowup Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating