CVE-2026-26045

A flaw was identified in Moodle’s backup restore functionality where specially crafted backup files were not properly validated during processing. If a malicious backup file is restored, it could lead to unintended execution of server-side code. Since restore capabilities are typically available to privileged users, exploitation requires authenticated access. Successful exploitation could result in full compromise of the Moodle server.

CVSS v3 7.2 HIGH

7.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/security/cve/CVE-2026-26045	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2440901	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:moodle:moodle::::::::
	cpe:2.3:a:moodle:moodle::::::::
	cpe:2.3:a:moodle:moodle::::::::

History

No history.

Information

Published : 2026-02-21 06:16

Updated : 2026-02-26 19:47

NVD link : CVE-2026-26045

Mitre link : CVE-2026-26045

CVE.ORG link : CVE-2026-26045

JSON object : View

Products Affected

moodle

moodle

CWE

CWE-94

Improper Control of Generation of Code ('Code Injection')

{"id": "CVE-2026-26045", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "patrick@puiterwijk.org", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2026-02-21T06:16:58.867", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2026-26045", "tags": ["Third Party Advisory"], "source": "patrick@puiterwijk.org"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440901", "tags": ["Third Party Advisory"], "source": "patrick@puiterwijk.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "patrick@puiterwijk.org", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "A flaw was identified in Moodle\u2019s backup restore functionality where specially crafted backup files were not properly validated during processing. If a malicious backup file is restored, it could lead to unintended execution of server-side code. Since restore capabilities are typically available to privileged users, exploitation requires authenticated access. Successful exploitation could result in full compromise of the Moodle server."}, {"lang": "es", "value": "Se identific\u00f3 una vulnerabilidad en la funcionalidad de restauraci\u00f3n de copias de seguridad de Moodle donde los archivos de copia de seguridad especialmente dise\u00f1ados no se validaban correctamente durante el procesamiento. Si se restaura un archivo de copia de seguridad malicioso, podr\u00eda conducir a la ejecuci\u00f3n no intencionada de c\u00f3digo del lado del servidor. Dado que las capacidades de restauraci\u00f3n suelen estar disponibles para usuarios privilegiados, la explotaci\u00f3n requiere acceso autenticado. Una explotaci\u00f3n exitosa podr\u00eda resultar en el compromiso total del servidor Moodle."}], "lastModified": "2026-02-26T19:47:42.953", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80B1995C-45EB-41E5-A497-D565964750A1", "versionEndExcluding": "4.5.9"}, {"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CDB0968-2E2B-4C2F-BF59-9479D1EEC287", "versionEndExcluding": "5.0.5", "versionStartIncluding": "5.0.0"}, {"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36833D08-9C77-48B1-9240-7F326F5BB1CC", "versionEndExcluding": "5.1.2", "versionStartIncluding": "5.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "patrick@puiterwijk.org"}