Duty Analyst: Joseph McCarthy

CVE-2026-26045

Published: 2026-02-21 06:16:59 | Last modified: 2026-02-26 19:47:43

HIGH CVSS 7.2
No EPSS data

Description

A flaw was identified in Moodle’s backup restore functionality where specially crafted backup files were not properly validated during processing. If a malicious backup file is restored, it could lead to unintended execution of server-side code. Since restore capabilities are typically available to privileged users, exploitation requires authenticated access. Successful exploitation could result in full compromise of the Moodle server.

CVSS details

Severity: high
Score: 7.2
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

This CVE is not currently listed in the EPSS dataset.

{
    "cve": {
        "id": "CVE-2026-26045",
        "cveTags": [],
        "metrics": {
            "cvssMetricV31": [
                {
                    "type": "Secondary",
                    "source": "patrick@puiterwijk.org",
                    "cvssData": {
                        "scope": "UNCHANGED",
                        "version": "3.1",
                        "baseScore": 7.2,
                        "attackVector": "NETWORK",
                        "baseSeverity": "HIGH",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                        "integrityImpact": "HIGH",
                        "userInteraction": "NONE",
                        "attackComplexity": "LOW",
                        "availabilityImpact": "HIGH",
                        "privilegesRequired": "HIGH",
                        "confidentialityImpact": "HIGH"
                    },
                    "impactScore": 5.9,
                    "exploitabilityScore": 1.2
                }
            ]
        },
        "published": "2026-02-21T06:16:58.867",
        "references": [
            {
                "url": "https://access.redhat.com/security/cve/CVE-2026-26045",
                "tags": [
                    "Third Party Advisory"
                ],
                "source": "patrick@puiterwijk.org"
            },
            {
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440901",
                "tags": [
                    "Third Party Advisory"
                ],
                "source": "patrick@puiterwijk.org"
            }
        ],
        "vulnStatus": "Analyzed",
        "weaknesses": [
            {
                "type": "Secondary",
                "source": "patrick@puiterwijk.org",
                "description": [
                    {
                        "lang": "en",
                        "value": "CWE-94"
                    }
                ]
            }
        ],
        "descriptions": [
            {
                "lang": "en",
                "value": "A flaw was identified in Moodle\u2019s backup restore functionality where specially crafted backup files were not properly validated during processing. If a malicious backup file is restored, it could lead to unintended execution of server-side code. Since restore capabilities are typically available to privileged users, exploitation requires authenticated access. Successful exploitation could result in full compromise of the Moodle server."
            },
            {
                "lang": "es",
                "value": "Se identific\u00f3 una vulnerabilidad en la funcionalidad de restauraci\u00f3n de copias de seguridad de Moodle donde los archivos de copia de seguridad especialmente dise\u00f1ados no se validaban correctamente durante el procesamiento. Si se restaura un archivo de copia de seguridad malicioso, podr\u00eda conducir a la ejecuci\u00f3n no intencionada de c\u00f3digo del lado del servidor. Dado que las capacidades de restauraci\u00f3n suelen estar disponibles para usuarios privilegiados, la explotaci\u00f3n requiere acceso autenticado. Una explotaci\u00f3n exitosa podr\u00eda resultar en el compromiso total del servidor Moodle."
            }
        ],
        "lastModified": "2026-02-26T19:47:42.953",
        "configurations": [
            {
                "nodes": [
                    {
                        "negate": false,
                        "cpeMatch": [
                            {
                                "criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
                                "vulnerable": true,
                                "matchCriteriaId": "80B1995C-45EB-41E5-A497-D565964750A1",
                                "versionEndExcluding": "4.5.9"
                            },
                            {
                                "criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
                                "vulnerable": true,
                                "matchCriteriaId": "8CDB0968-2E2B-4C2F-BF59-9479D1EEC287",
                                "versionEndExcluding": "5.0.5",
                                "versionStartIncluding": "5.0.0"
                            },
                            {
                                "criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
                                "vulnerable": true,
                                "matchCriteriaId": "36833D08-9C77-48B1-9240-7F326F5BB1CC",
                                "versionEndExcluding": "5.1.2",
                                "versionStartIncluding": "5.1.0"
                            }
                        ],
                        "operator": "OR"
                    }
                ]
            }
        ],
        "sourceIdentifier": "patrick@puiterwijk.org"
    }
}