Browse all 9 CVE security advisories affecting Moodle Project. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-26533 | SQL injection risk in course search module list filter — moodleCWE-89 | 8.1 | High | 2025-02-24 |
| CVE-2025-26532 | Teachers can evade trusttext config when restoring glossary entries — moodleCWE-863 | 3.1 | Low | 2025-02-24 |
| CVE-2025-26531 | IDOR in badges allows disabling of arbitrary badges — moodleCWE-863 | 3.1 | Low | 2025-02-24 |
| CVE-2025-26530 | Reflected XSS via question bank filter — moodleCWE-79 | 8.3 | High | 2025-02-24 |
| CVE-2025-26529 | Stored XSS risk in admin live log — moodleCWE-79 | 8.3 | High | 2025-02-24 |
| CVE-2025-26528 | Stored XSS in ddimageortext question type — moodleCWE-79 | 3.4 | Low | 2025-02-24 |
| CVE-2025-26527 | Non-searchable tags can still be discovered on the tag search page and in the tags block — moodleCWE-1230 | 5.3 | Medium | 2025-02-24 |
| CVE-2025-26526 | Feedback response viewing and deletions did not respect Separate Groups mode — moodleCWE-863 | 6.5 | Medium | 2025-02-24 |
| CVE-2025-26525 | Arbitrary file read risk through pdfTeX — moodleCWE-552 | 8.6 | High | 2025-02-24 |
This page lists every published CVE security advisory associated with Moodle Project. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.