Platform: php
Component: centralauth
Fixed in: 1.45, 1.43
CVE-2026-39937 describes a Resource Leak Exposure vulnerability in the MediaWiki CentralAuth extension. The flaw could allow attackers to exhaust system resources, leading to instability or denial of service. It affects MediaWiki versions 1.43 through 1.45. A fix has been implemented in the master branch and released for MediaWiki 1.45.
CVE-2026-39937 in the Wikimedia Foundation's MediaWiki CentralAuth extension enables Resource Leak Exposure, meaning that sensitive information could be accidentally exposed during data storage or transfer. While the direct impact on end users may be limited, resource leaks can let attackers collect confidential information, potentially compromising system privacy and security. The severity of this vulnerability lies in the possibility that sensitive information, even when not directly accessible, can be extracted through memory analysis or network traffic inspection. The remediation has been implemented in the master branch and in the MediaWiki 1.43, 1.44, and 1.45 release branches.
Exploiting this vulnerability requires access to the MediaWiki system and the technical knowledge to analyze its data flow and memory management. An attacker would have to identify patterns in how sensitive data is stored and transferred in order to extract confidential information. The difficulty of exploitation depends on the specific CentralAuth configuration and the security measures in place. No active exploitation has been reported, but the possibility of future exploitation justifies applying security updates as soon as possible. Because the issue is a resource leak, any information extraction is likely to be subtle and difficult to detect.
Exploit Status
EPSS: 0.06% (17th percentile)
CISA SSVC
To mitigate the risk associated with CVE-2026-39937, we strongly recommend updating MediaWiki to version 1.45 or later; the update contains the fixes that eliminate the resource leak. If an immediate update is not possible, review CentralAuth's security configuration and apply best practices for handling sensitive data. Monitor system logs for suspicious activity that might indicate exploitation attempts, and carry out periodic security audits to identify and address potential weaknesses in the MediaWiki environment. The Wikimedia Foundation has published patches and upgrade guides to support the remediation process.
Update the MediaWiki CentralAuth extension to version 1.45 or later to mitigate the resource exposure, and make sure the update is applied in every affected environment. Refer to the official MediaWiki documentation for detailed instructions on updating extensions.
CentralAuth is a MediaWiki extension that provides centralized user authentication across multiple wikis.
The direct impact on users is low, but the resource leak could compromise privacy over time.
The update is available from the official MediaWiki download page: [https://www.mediawiki.org/wiki/MediaWiki:Softwaredownloads](https://www.mediawiki.org/wiki/MediaWiki:Softwaredownloads)
Review CentralAuth's security configuration and monitor system logs.
No dedicated detection tool is currently available, but security audits can help identify potential issues.