CVE-2025-6926

CVE-2025-6926: Security Authentication Bypass in CentralAuth

Vendor Wikimedia Foundation
Product Mediawiki - CentralAuth Extension
Weakness CWE-287 · Improper authentication
Published July 3, 2025
Last update November 3, 2025

CVSS base score

What the vulnerability does

01Description

Improper Authentication vulnerability in Wikimedia Foundation Mediawiki - CentralAuth Extension allows : Bypass Authentication.This issue affects Mediawiki - CentralAuth Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.

Key dates

02Disclosure timeline

July 3, 2025 CVE published
November 3, 2025 Record updated