A vulnerability was found in Wikimedia UrlShortener up to 1.46.0/1.45.4/1.44.6/1.43.9. It has been classified as critical. The impacted element is an unknown function. The manipulation leads to improper input validation.
This vulnerability is traded as CVE-2026-13706. It is possible to initiate the attack remotely. There is no exploit available.