With T275669: Checkuser stores users to cu_log with trailing spaces, allowing all CUs to turn off Special:CheckuserLog at will (CVE-2021-31553) the problem with bad user input was fixed with a trim(), but using an trailing underscore instead of a trailing space can still break the special page, because the underscore is also invalid at the end or begin on Special:Contributions/<username>_
This should use proper title normalization before storing to the database (Special:CheckUser does that, api module checkuser not).
This can be done also by using the api param type 'user' with the user types 'name', 'ip', 'cidr'
Stack trace is the same as in the linked bug.