CVE-2026-26046

A vulnerability was found in a Moodle TeX filter administrative setting where insufficient sanitization of configuration input could allow command injection. On sites where the TeX filter is enabled and ImageMagick is installed, a maliciously crafted setting value entered by an administrator could result in unintended system command execution. While exploitation requires administrative privileges, successful compromise could affect the entire Moodle server.

CVSS v3 7.2 HIGH

7.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/security/cve/CVE-2026-26046	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2440903	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:moodle:moodle::::::::
	cpe:2.3:a:moodle:moodle::::::::
	cpe:2.3:a:moodle:moodle::::::::

History

No history.

Information

Published : 2026-02-21 06:17

Updated : 2026-02-26 19:46

NVD link : CVE-2026-26046

Mitre link : CVE-2026-26046

CVE.ORG link : CVE-2026-26046

JSON object : View

Products Affected

moodle

moodle

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

{"id": "CVE-2026-26046", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "patrick@puiterwijk.org", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2026-02-21T06:17:00.203", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2026-26046", "tags": ["Third Party Advisory"], "source": "patrick@puiterwijk.org"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440903", "tags": ["Third Party Advisory"], "source": "patrick@puiterwijk.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "patrick@puiterwijk.org", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in a Moodle TeX filter administrative setting where insufficient sanitization of configuration input could allow command injection. On sites where the TeX filter is enabled and ImageMagick is installed, a maliciously crafted setting value entered by an administrator could result in unintended system command execution. While exploitation requires administrative privileges, successful compromise could affect the entire Moodle server."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en una configuraci\u00f3n administrativa del filtro TeX de Moodle donde una sanitizaci\u00f3n insuficiente de la entrada de configuraci\u00f3n podr\u00eda permitir la inyecci\u00f3n de comandos. En sitios donde el filtro TeX est\u00e1 habilitado e ImageMagick est\u00e1 instalado, un valor de configuraci\u00f3n maliciosamente elaborado introducido por un administrador podr\u00eda resultar en la ejecuci\u00f3n no intencionada de comandos del sistema. Si bien la explotaci\u00f3n requiere privilegios administrativos, un compromiso exitoso podr\u00eda afectar a todo el servidor Moodle."}], "lastModified": "2026-02-26T19:46:57.600", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80B1995C-45EB-41E5-A497-D565964750A1", "versionEndExcluding": "4.5.9"}, {"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CDB0968-2E2B-4C2F-BF59-9479D1EEC287", "versionEndExcluding": "5.0.5", "versionStartIncluding": "5.0.0"}, {"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36833D08-9C77-48B1-9240-7F326F5BB1CC", "versionEndExcluding": "5.1.2", "versionStartIncluding": "5.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "patrick@puiterwijk.org"}