DokuWiki vulnerabilities: known CVEs & security history
DokuWiki · CMS / Wiki · 25 tracked CVEs · 0 actively exploited · updated June 2026 · what is a CVE? →
This is the full list of known vulnerabilities (CVEs) across all DokuWiki release lines — 25 in total. A CVE here doesn't mean your version is affected — check DokuWiki's current status and the safe version to run.
Known DokuWiki CVEs
Actively-exploited and most-severe first. Open any CVE for full details.
| CVE | Severity | CVSS | EPSS | Year |
|---|---|---|---|---|
| CVE-2018-15474 | critical | 9.6 | 3% | 2018 |
| CVE-2009-1960 | high | 9.3 | 23% | 2009 |
| CVE-2017-18123 | high | 8.6 | 3% | 2018 |
| CVE-2016-7964 | high | 8.6 | 2% | 2016 |
| CVE-2010-0288 | high | 7.5 | 10% | 2010 |
| CVE-2010-0289 | medium | 6.8 | 2% | 2010 |
| CVE-2016-7965 | medium | 6.5 | 1% | 2016 |
| CVE-2015-2172 | medium | 6.5 | 3% | 2015 |
| CVE-2022-3123 | medium | 6.1 | 1% | 2022 |
| CVE-2022-28919 | medium | 6.1 | 1% | 2022 |
| CVE-2017-12980 | medium | 6.1 | 1% | 2017 |
| CVE-2017-12979 | medium | 6.1 | 1% | 2017 |
| CVE-2017-12583 | medium | 6.1 | 3% | 2017 |
| CVE-2023-34408 | medium | 5.4 | 1% | 2023 |
| CVE-2019-25338 | medium | 5.3 | 0% | 2026 |
| CVE-2014-8764 | medium | 5 | 2% | 2014 |
| CVE-2014-8763 | medium | 5 | 3% | 2014 |
| CVE-2014-8762 | medium | 5 | 2% | 2014 |
| CVE-2014-8761 | medium | 5 | 2% | 2014 |
| CVE-2011-3727 | medium | 5 | 2% | 2011 |
| CVE-2010-0287 | medium | 5 | 11% | 2010 |
| CVE-2026-26477 | medium | 4.3 | 0% | 2026 |
| CVE-2014-9253 | medium | 4.3 | 2% | 2014 |
| CVE-2012-3354 | medium | 4.3 | 1% | 2012 |
| CVE-2011-2510 | medium | 4.3 | 2% | 2011 |
Is my DokuWiki version affected?
The list above spans every release. To know whether your version is affected — and the minimum safe version to upgrade to — check it directly.
Check your DokuWiki version → · Monitor DokuWiki for new CVEs →
DokuWiki vulnerabilities — frequently asked
How many known vulnerabilities does DokuWiki have?
IsItPatched tracks 25 CVEs for DokuWiki. 1 is critical-severity and 4 high-severity. These span every release line — what matters is whether the version you run is affected.
Does DokuWiki have any actively-exploited vulnerabilities?
None of DokuWiki's tracked CVEs are currently in CISA's KEV catalog — but new ones can be added at any time, so keep your version current.
What is the most severe DokuWiki vulnerability?
Among tracked issues, CVE-2018-15474 (CRITICAL, CVSS 9.6) ranks highest — a CWE-1236 weakness.
Is DokuWiki safe to use?
It depends on the version. The latest supported DokuWiki release clears the known issues; older versions may still be affected. Check the exact version you run for a verdict.
CVE data aggregated from NVD, CISA KEV and EPSS (FIRST.org). Related: DokuWiki security status · DokuWiki end-of-life · actively-exploited CVEs. Always verify against DokuWiki's advisories — see our disclaimer.