Checkuser
This hub aggregates every CVE we track for Checkuser, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM4HIGH2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
0
0
1
0
2024-072026-06
Latest CVEs
The 6 most recently published vulnerabilities affecting Checkuser.
- CVE-2026-34090Suggested investigations: Handle suppressed usernames7.5
- CVE-2025-67478Wrong E-Mail address composition for usernames with a comma and Umlauts in it like "Döe, Jähn"8.8
- CVE-2025-61658Special:GlobalContributions shows edits on wikis the viewer doesn't have access to4.3
- CVE-2019-16529An issue was discovered in the CheckUser extension through 1.35.0 for MediaWiki. Oversighted edit summaries are still visible in CheckUser results in violation of MediaWiki's permissions model.5.3
- CVE-2019-18611An issue was discovered in the CheckUser extension through 1.34 for MediaWiki. Certain sensitive information within oversighted edit summaries made available via the MediaWiki API was potentially v...6.5
- CVE-2015-2940Cross-site request forgery (CSRF) vulnerability in the CheckUser extension for MediaWiki allows remote attackers to hijack the authentication of certain users for requests that retrieve sensitive u...6.8
Product normalization is registry-driven with AI assist and human review. How it works