Information disclosure in Wikimedia Foundation Echo

CVE-2026-5266

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation Echo. This vulnerability is associated with program files includes/Api/ApiEchoNotifications.Php. This issue affects Echo: from * before 1…

Vulnerability class: Information Disclosure

EPSS: 0.000 (14.8th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References