Where
-Infinity
0

Trending

Last week
Last month
Last year

Moodle Moodle 5.2End of life details

EOL
Oct 4, 2027
Support Ends
Apr 19, 2027
First published (updated )
EOL-moodle-5.2

Moodle MoodleMoodle: moodle: uncontrolled resource consumption in tex formula editor leading to denial of service

Risk 27
Severity
6.5
EPSS
0.07%
First published (updated )
CVE-2026-26047

Moodle MoodleA Denial-of-Service vulnerability exists in Moodle’s TeX formula editor due to missing execution tim…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2440905

Moodle MoodleMoodle: moodle: improper input sanitization in tex filter administration setting

Risk 49
Severity
7.2
EPSS
0.18%
First published (updated )
CVE-2026-26046

Moodle MoodleMoodle: moodle: improper validation in file restore functionality leading to remote code execution

Risk 49
Severity
7.2
EPSS
0.09%
First published (updated )
CVE-2026-26045
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Moodle MoodleA Remote Code Execution vulnerability exists in Moodle’s file restore functionality due to insuffici…

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2440901

Moodle MoodleMoodle: moodle: remote code execution via insufficient restore input validation

Risk 79
Severity
8.8
First published (updated )
CVE-2025-67847

Moodle MoodleMoodle 3.10.3 - 'label' Persistent Cross Site Scripting

Risk 44
Severity
7.2
First published (updated )
CVE-2021-47857

Moodle MoodleMoodle: moodle: data exposure of user identifiers in urls

Risk 27
Severity
5.3
First published (updated )
CVE-2025-67857

Moodle MoodleMoodle: moodle: privilege escalation via incomplete role checks in badge awarding

Risk 86
Severity
9.8
First published (updated )
CVE-2025-67856
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

composer/moodle/moodleMooodle: mooodle: information disclosure and script execution via reflected cross-site scripting

Risk 38
Severity
6.1
First published (updated )
CVE-2025-67855

composer/moodle/moodleMoodle: moodle: brute-force facilitation due to missing rate limiting in confirmation email service

Risk 43
Severity
7.5
First published (updated )
CVE-2025-67853

Moodle MoodleMoodle: moodle: open redirect vulnerability in oauth login flow allows redirection to malicious sites.

Risk 38
Severity
6.1
First published (updated )
CVE-2025-67852

composer/moodle/moodleMoodle: moodle: formula injection allows arbitrary formula execution via unescaped data export

Risk 68
Severity
7.8
First published (updated )
CVE-2025-67851

composer/moodle/moodleMoodle: moodle: cross-site scripting vulnerability via inadequate input filtering in formula editor

Risk 54
Severity
7.3
First published (updated )
CVE-2025-67850
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

composer/moodle/moodleMoodle: moodle: cross-site scripting (xss) via improper sanitization of ai prompt responses

Risk 54
Severity
7.3
First published (updated )
CVE-2025-67849

Moodle MoodleMoodle: moodle: authentication bypass via lti provider allows suspended users to gain unauthorized access.

Risk 60
Severity
8.1
First published (updated )
CVE-2025-67848

Moodle Moodle 5.1End of life details

EOL
Apr 19, 2027
Support Ends
Oct 5, 2026
First published (updated )
EOL-moodle-5.1

Moodle MoodleMoodle: idor when accessing the cohorts report

Risk 16
Severity
4.3
EPSS
0.03%
First published (updated )
CVE-2025-3647

Moodle MoodleMoodle: idor in messaging web service allows access to some user details

Risk 16
Severity
4.3
EPSS
0.03%
First published (updated )
CVE-2025-3645
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Moodle MoodleMoodle: ajax section delete does not respect course_can_delete_section()

Risk 16
Severity
4.3
EPSS
0.03%
First published (updated )
CVE-2025-3644

Moodle MoodleMoodle: reflected xss risk in policy tool

Risk 25
Severity
5.4
EPSS
0.03%
First published (updated )
CVE-2025-3643

composer/moodle/moodleMoodle: authenticated remote code execution risk in the moodle lms dropbox repository

Risk 56
Severity
8.8
EPSS
0.17%
First published (updated )
CVE-2025-3641

Moodle MoodleMoodle: idor in web service allows users enrolled in a course to access some details of other users

Risk 16
Severity
4.3
EPSS
0.03%
First published (updated )
CVE-2025-3640

Moodle MoodleMoodle: csrf risk in brickfield tool's analysis request action

Risk 56
Severity
8.8
EPSS
0.02%
First published (updated )
CVE-2025-3638
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Moodle MoodleMoodle: csrf token exposure via url in moodle mod_data module

Risk 13
Severity
3.1
EPSS
0.03%
First published (updated )
CVE-2025-3637

Moodle MoodleMoodle: idor in moodle rss block allows unauthorized access to rss feeds

Risk 16
Severity
4.3
EPSS
0.03%
First published (updated )
CVE-2025-3636

Moodle MoodleMoodle: csrf risk in moodle user tours manager allows tour duplication

Risk 14
Severity
3.5
EPSS
0.01%
First published (updated )
CVE-2025-3635

Moodle MoodleMoodle: moodle assignment submission search leaks anonymous student identities

Risk 16
Severity
4.3
EPSS
0.03%
First published (updated )
CVE-2025-3628

Moodle MoodleMoodle: partial data exposure in moodle before completing multi-factor authentication

Risk 16
Severity
4.3
EPSS
0.04%
First published (updated )
CVE-2025-3627
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203