CVE-2026-39937

Description

Improper removal of sensitive information before storage or transfer vulnerability in The Wikimedia Foundation Mediawiki - CentralAuth Extension allows Resource Leak Exposure.This issue affects non release branches.

References

• https://gerrit.wikimedia.org/r/q/I0b72427fa329aee85841a2cb23dec3058edce85e
• https://phabricator.wikimedia.org/T418122