ByteOS Network

Vulnerability Details :

CVE-2025-61653

Assigner Org ID-c4f26cc8-17ff-4c99-b5e2-38fc1793eacc

Published At-03 Feb, 2026 | 00:57

Updated At-03 Feb, 2026 | 20:59

Extension:TextExtracts does not check for authorizeRead when returning extracts

Vulnerability in Wikimedia Foundation TextExtracts. This vulnerability is associated with program files includes/ApiQueryExtracts.Php. This issue affects TextExtracts: from * before 1.39.14, 1.43.4, 1.44.1.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:wikimedia-foundation

Assigner Org ID:c4f26cc8-17ff-4c99-b5e2-38fc1793eacc

Published At:03 Feb, 2026 | 00:57

Updated At:03 Feb, 2026 | 20:59

▼CVE Numbering Authority (CNA)

Extension:TextExtracts does not check for authorizeRead when returning extracts

Affected Products

Vendor

Wikimedia Foundation

Product

TextExtracts

Repo

https://gerrit.wikimedia.org/g/mediawiki/extensions/TextExtracts/+/refs/heads/master

Program Files

includes/ApiQueryExtracts.php

Default Status

unaffected

Versions

Affected

From * before 1.39.14, 1.43.4, 1.44.1 (semver)

Metrics

Version	Base score	Base severity	Vector
4.0	2.7	LOW	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

Version: 4.0

Base score: 2.7

Base severity: LOW

Vector:

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

References

Hyperlink	Resource
https://phabricator.wikimedia.org/T397577	N/A

Hyperlink: https://phabricator.wikimedia.org/T397577

Resource: N/A

▼Authorized Data Publishers (ADP)

CISA ADP Vulnrichment

Metrics Other Info

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:c4f26cc8-17ff-4c99-b5e2-38fc1793eacc

Published At:03 Feb, 2026 | 02:16

Updated At:03 Feb, 2026 | 16:44

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	4.0	2.7	LOW	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Type: Secondary

Version: 4.0

Base score: 2.7

Base severity: LOW

Vector:

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Hyperlink	Source	Resource
https://phabricator.wikimedia.org/T397577	c4f26cc8-17ff-4c99-b5e2-38fc1793eacc	N/A

Hyperlink: https://phabricator.wikimedia.org/T397577

Source: c4f26cc8-17ff-4c99-b5e2-38fc1793eacc

Resource: N/A

Similar CVEs

1Records found

CVE-2025-61652

Matching Score-8

Assigner-The Wikimedia Foundation

View Details

Matching Score-8

Assigner-The Wikimedia Foundation

CVSS Score-2.7||LOW

EPSS-0.07% / 21.13%

7 Day CHG+0.02%

Published-03 Feb, 2026 | 00:55

Updated-03 Feb, 2026 | 20:57

Action API discussiontoolspageinfo does not check for authorizeRead for the page

Vulnerability in Wikimedia Foundation DiscussionTools.This issue affects DiscussionTools: from * before 1.43.4, 1.44.1.

Vendor-Wikimedia Foundation

Product-DiscussionTools

CVE-2025-61653

Credits

Extension:TextExtracts does not check for authorizeRead when returning extracts

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs