Unrated severityNVD Advisory· Published Jan 7, 2026· Updated Jan 7, 2026
Path Traversal vulnerability in CSS extension on certain web servers
CVE-2026-0669
Description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Wikimedia Foundation MediaWiki - CSS extension allows Path Traversal.This issue affects MediaWiki - CSS extension: 1.44, 1.43, 1.39.
Affected products
1- Range: 1.39, 1.43, 1.44
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.