Unrated severityNVD Advisory· Published Feb 21, 2026· Updated Feb 26, 2026

Moodle: moodle: improper input sanitization in tex filter administration setting

CVE-2026-26046

Description

A vulnerability was found in a Moodle TeX filter administrative setting where insufficient sanitization of configuration input could allow command injection. On sites where the TeX filter is enabled and ImageMagick is installed, a maliciously crafted setting value entered by an administrator could result in unintended system command execution. While exploitation requires administrative privileges, successful compromise could affect the entire Moodle server.

Affected products

Moodle/Moodlellm-fuzzy

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/security/cve/CVE-2026-26046mitrevdb-entryx_refsource_REDHAT
bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000