Skip to main content

Mediawiki Growthexperiments Extension

1 CVEs product

Monthly

CVE-2026-39934 MEDIUM This Month

Infinite loop vulnerability in Wikimedia MediaWiki GrowthExperiments Extension (versions 1.45.2, 1.44.4, 1.43.7) allows unauthenticated remote attackers to trigger a denial of service condition by exploiting a Time-of-Check and Time-of-Use (TOCTOU) race condition that causes unreachable loop exit logic. The vulnerability has a CVSS score of 6.9 with low confidentiality, integrity, and availability impact across all scopes. No public exploit code or active exploitation has been confirmed at time of analysis.

Denial Of Service Mediawiki Growthexperiments Extension
NVD
CVSS 4.0
6.9
EPSS
0.0%
EPSS 0% CVSS 6.9
MEDIUM This Month

Infinite loop vulnerability in Wikimedia MediaWiki GrowthExperiments Extension (versions 1.45.2, 1.44.4, 1.43.7) allows unauthenticated remote attackers to trigger a denial of service condition by exploiting a Time-of-Check and Time-of-Use (TOCTOU) race condition that causes unreachable loop exit logic. The vulnerability has a CVSS score of 6.9 with low confidentiality, integrity, and availability impact across all scopes. No public exploit code or active exploitation has been confirmed at time of analysis.

Denial Of Service Mediawiki Growthexperiments Extension
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy