Low severityNVD Advisory· Published May 11, 2026· Updated May 12, 2026

CVE-2026-5266

Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation Echo.

This vulnerability is associated with program files includes/Api/ApiEchoNotifications.Php.

This issue affects Echo: from * before 1.43.7, 1.44.4, 1.45.2.

Wikimedia Foundation/Mediawiki Extensions Echoinferred
Range: <1.43.7, >=1.44.0,<1.44.4, >=1.45.0,<1.45.2

No patches discovered yet.

AI mechanics synthesis has not run for this CVE yet.

No linked articles in our index yet.