CVE-2025-61643: Vulnerability in Wikimedia Foundation MediaWiki
CVE-2025-61643 is a low-severity vulnerability in the Wikimedia Foundation's MediaWiki software affecting versions prior to 1.39.14, 1.43.4, and 1.44.1. The issue is located in the RecentChangeRCFeedNotifier.php file, potentially impacting the recent changes feed functionality. The CVSS 4.
AI Analysis
Technical Summary
CVE-2025-61643 is a vulnerability identified in the MediaWiki software maintained by the Wikimedia Foundation, specifically within the includes/recentchanges/RecentChangeRCFeedNotifier.php file. MediaWiki versions prior to 1.39.14, 1.43.4, and 1.44.1 are affected. The vulnerability has a CVSS 4.0 score of 2.7, classifying it as low severity. The CVSS vector indicates that the vulnerability can be exploited remotely (AV:N) without authentication (PR:N) or user interaction (UI:N), but it only causes low impact on confidentiality (VC:L) and no impact on integrity or availability. The exact nature of the vulnerability is not detailed beyond its association with the recent changes feed notifier component, which suggests it may involve information disclosure or minor data leakage. No known exploits are currently reported in the wild, and no patches or exploit code links are provided in the source data, implying that the issue is either newly disclosed or not actively targeted. The vulnerability was reserved in late 2025 and published in early 2026, indicating recent discovery. Given the low CVSS score and lack of known exploitation, the threat is minimal but should be addressed to maintain software security hygiene.
Potential Impact
For European organizations, the impact of CVE-2025-61643 is limited due to its low severity score and minimal effect on core security properties. MediaWiki is widely used in public sector, educational institutions, and some private organizations for collaborative documentation and knowledge management. A vulnerability in the recent changes feed notifier could potentially expose limited information about recent edits or system activity, which might aid an attacker in reconnaissance but does not directly compromise sensitive data or system integrity. The lack of authentication or user interaction requirements lowers the barrier for exploitation, but the low impact on confidentiality and no impact on integrity or availability reduce the overall risk. Organizations relying heavily on MediaWiki for critical operations should still prioritize patching to prevent any potential escalation or chaining with other vulnerabilities. The absence of known exploits reduces immediate threat but does not eliminate future risk.
Mitigation Recommendations
European organizations should ensure that all MediaWiki instances are updated to versions 1.39.14, 1.43.4, 1.44.1, or later, as these contain fixes for CVE-2025-61643. Since no official patch links are provided, organizations should monitor the Wikimedia Foundation's official security advisories and repositories for updates. In the interim, restricting public access to the recent changes feed or implementing network-level controls to limit exposure of MediaWiki instances can reduce risk. Regularly auditing MediaWiki configurations and logs for unusual activity related to recent changes feeds is advisable. Employing web application firewalls (WAFs) with custom rules to detect anomalous requests targeting the RecentChangeRCFeedNotifier.php endpoint can provide additional protection. Finally, integrating MediaWiki updates into routine patch management cycles ensures timely remediation of this and future vulnerabilities.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Belgium, Italy, Spain, Poland
Technical Details
- Data Version: 5.2
- Assigner Short Name: wikimedia-foundation
- Date Reserved: 2025-09-29T13:18:37.248Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69813705f9fa50a62f65ada3
Added to database: 2/2/2026, 11:45:09 PM
Last enriched: 2/10/2026, 10:54:56 AM
Last updated: 3/20/2026, 10:40:57 AM