Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

Vulnerability Intelligence

Customers

CVE-2026-0668 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceCVE-2026-0668

CVE-2026-0668

MEDIUM5.3

VisualData extension: Regular Expression Denial of Service (ReDoS) via crafted user input

Published Jan 7, 2026

Modified 1 months ago

Details

Inefficient Regular Expression Complexity vulnerability in Wikimedia Foundation MediaWiki - VisualData Extension allows Regular Expression Exponential Blowup.This issue affects MediaWiki - VisualData Extension: 1.45.

References

WEB

https://gerrit.wikimedia.org/r/q/I4ff2737c9f0ba805267d1fc8296e7cff61241ee3

WEB

https://gerrit.wikimedia.org/r/q/I893a9fca694a2613e29e149dea2d76d7f06063e5

WEB

https://gerrit.wikimedia.org/r/q/Ie08d9a8ceb2c9a22a635cfc27964353f14072dbf

WEB

https://gerrit.wikimedia.org/r/q/Ifbf9c2ade621226e14fe852f3217293772bf8bb8

WEB

https://phabricator.wikimedia.org/T387008

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2026-0668

CVSS Analysis

CVSS v3.1

5.3

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Privileges Required

NonePR:N

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

LowA:L

5.3/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Weakness Type (CWE)

Resource Management

CWE-1333

ReDoS (Regex DoS)

Ecosystems

Timeline

PublishedJan 7, 2026

ModifiedJan 7, 2026