Wiz
Vulnerability DatabaseCVE-2025-61639

CVE-2025-61639
Linux Debian vulnerability analysis and mitigation

Overview

CVE-2025-61639 is a security vulnerability affecting MediaWiki software. The vulnerability is related to the ManualLogEntry::getDeleted functionality in the getRecentChange method. This issue was initially published on October 7, 2025, and last updated on October 8, 2025. The vulnerability affects multiple versions of MediaWiki, including versions in Ubuntu distributions from 18.04 LTS to 25.10 (Ubuntu Security).

Technical details

The vulnerability involves improper implementation of the ManualLogEntry::getDeleted method when used in conjunction with getRecentChange functionality. The issue has been assigned a medium priority by Ubuntu security teams, suggesting moderate severity (Ubuntu Security). The vulnerability affects multiple MediaWiki packages across different distributions, including Debian and Ubuntu systems (Debian Tracker).

Impact

The vulnerability affects multiple versions of MediaWiki software across various distributions, potentially impacting both Debian and Ubuntu systems. All current versions in the Debian testing suite are marked as vulnerable to this issue (Debian Testing).

Mitigation and workarounds

Currently, the vulnerability is under evaluation across multiple Ubuntu releases, including 25.10 (questing), 25.04 (plucky), 24.04 LTS (noble), 22.04 LTS (jammy), 20.04 LTS (focal), and 18.04 LTS (bionic). No official fixes have been released yet (Ubuntu Security).

Additional resources

SourceThis report was generated using AI

Related Linux Debian vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-67726HIGH7.5
  • Linux DebianLinux Debian
  • python-tornado
NoNoDec 12, 2025
CVE-2025-67725HIGH7.5
  • Linux DebianLinux Debian
  • python-tornado
NoNoDec 12, 2025
CVE-2025-11266MEDIUM6.8
  • Linux DebianLinux Debian
  • gdcm
NoNoDec 12, 2025
CVE-2025-67749MEDIUM5.3
  • Linux DebianLinux Debian
  • pcsx2
NoNoDec 12, 2025
CVE-2025-40345N/AN/A
  • Linux KernelLinux Kernel
  • kernel-headers
NoYesDec 12, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo