PT-2026-31043 · Mediawiki · Growthexperiments Extension For Mediawiki

Michael

Published

2026-04-07

Updated

2026-04-08

CVE-2026-39934

CVSS v4.0

6.9

Medium

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L

Name of the Vulnerable Software and Affected Versions Mediawiki - GrowthExperiments Extension versions 1.45.2, 1.44.4, and 1.43.7

Description The Mediawiki - GrowthExperiments Extension contains a flaw related to an infinite loop. This condition can be leveraged to create Time-of-Check and Time-of-Use (TOCTOU) race conditions.

Recommendations Update to a newer version of the Mediawiki - GrowthExperiments Extension that addresses this issue.

Fix

Infinite Loop

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-835

Related Identifiers

CVE-2026-39934

Affected Products

Growthexperiments Extension For Mediawiki

PT-2026-31043 · Mediawiki · Growthexperiments Extension For Mediawiki

CVE-2026-39934

Weakness Enumeration

Related Identifiers

Affected Products

References · 4