CVE-2026-26047 — MEDIUM (6.5)

Q: How severe is CVE-2026-26047?

CVE-2026-26047 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2026-26047?

Check the references section above for vendor advisories and patch information. Affected products include: Moodle Moodle.

Vulnerability Description

A denial-of-service vulnerability was identified in Moodle’s TeX formula editor. When rendering TeX content using mimetex, insufficient execution time limits could allow specially crafted formulas to consume excessive server resources. An authenticated user could abuse this behavior to degrade performance or cause service interruption.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Moodle	Moodle	< 4.5.9

Related Weaknesses (CWE)

CWE-770 CWE-400

References

https://access.redhat.com/security/cve/CVE-2026-26047Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2440905Third Party Advisory

FAQ

What is CVE-2026-26047?

CVE-2026-26047 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A denial-of-service vulnerability was identified in Moodle’s TeX formula editor. When rendering TeX content using mimetex, insufficient execution time limits could allow specially crafted formulas to ...

How severe is CVE-2026-26047?

CVE-2026-26047 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-26047?

Check the references section above for vendor advisories and patch information. Affected products include: Moodle Moodle.