Back to search

Wikimedia

MediaWiki

See the latest tracked release, confirm when it was published, and subscribe for update emails.

1.45 Switch to this train 1.44 Switch to this train 1.43 Current train
Current version
Last checked: yesterday

1.43.8

Release date
April 07, 2026
CVE status
2 visible CVEs

Source

GitHub API

Public release notes are linked for the latest stored release.

View release notes Subscribe to updates

Release history

See the latest published releases stored for this product.

Version Published Notes
1.43.8 2026-04-07 Release Notes
1.43.6 2025-12-16 Release Notes

Vulnerability tracking

Review curated CVEs for this product and see whether the current version is marked affected. Only CVEs with a CVSS score of 7.0 or higher and published in the last 90 days are shown.

CVE Severity Published Status Summary
CVE-2026-39937 HIGH (8.8) 2026-04-07 Current versionaffected

Improper removal of sensitive information before storage or transfer vulnerability in The Wikimedia Foundation Mediawiki - CentralAuth Extension allows Resource Leak Exposure. The issue has been remediated on the `master` branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1.45.

Affected versions
  • From (including) 0 - Up to (excluding) 1.43
CVE-2025-11175 HIGH (8.8) 2026-01-30 Current versionnot affected

Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') vulnerability in The Wikimedia Foundation Mediawiki - DiscussionTools Extension allows Regular Expression Exponential Blowup.This issue affects Mediawiki - DiscussionTools Extension: 1.44, 1.43.

Affected versions
  • 1.44
  • 1.43