ByteOS Network

NVD Vulnerability Details :

CVE-2026-26047

Analyzed

Source-patrick@puiterwijk.org

Published At-21 Feb, 2026 | 06:17

Updated At-26 Feb, 2026 | 19:45

A denial-of-service vulnerability was identified in Moodle’s TeX formula editor. When rendering TeX content using mimetex, insufficient execution time limits could allow specially crafted formulas to consume excessive server resources. An authenticated user could abuse this behavior to degrade performance or cause service interruption.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Type: Secondary

Version: 3.1

Base score: 6.5

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CPE Matches

Moodle Pty Ltd

>>moodle>>Versions before 4.5.9(exclusive)

cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*

Moodle Pty Ltd

>>moodle>>Versions from 5.0.0(inclusive) to 5.0.5(exclusive)

cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*

Moodle Pty Ltd

>>moodle>>Versions from 5.1.0(inclusive) to 5.1.2(exclusive)

cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-400	Secondary	patrick@puiterwijk.org
CWE-770	Primary	nvd@nist.gov

CWE ID: CWE-400

Type: Secondary

Source: patrick@puiterwijk.org

CWE ID: CWE-770

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
https://access.redhat.com/security/cve/CVE-2026-26047	patrick@puiterwijk.org	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2440905	patrick@puiterwijk.org	Third Party Advisory

Hyperlink: https://access.redhat.com/security/cve/CVE-2026-26047

Source: patrick@puiterwijk.org

Resource:

Third Party Advisory

Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2440905

Source: patrick@puiterwijk.org

Resource:

Third Party Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History