CVE-2026-26047
Received Received - Intake
Denial-of-Service in Moodle TeX Editor via mimetex Resource Exhaustion

Publication date: 2026-02-21

Last updated on: 2026-02-26

Assigner: Fedora Project

Description
A denial-of-service vulnerability was identified in Moodle’s TeX formula editor. When rendering TeX content using mimetex, insufficient execution time limits could allow specially crafted formulas to consume excessive server resources. An authenticated user could abuse this behavior to degrade performance or cause service interruption.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-21
Last Modified
2026-02-26
Generated
2026-06-16
AI Q&A
2026-02-21
EPSS Evaluated
2026-06-15
NVD
CVE-2026-26047
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
moodle moodle to 4.5.9 (exc)
moodle moodle From 5.0.0 (inc) to 5.0.5 (exc)
moodle moodle From 5.1.0 (inc) to 5.1.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-770 The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
CWE-400 The product does not properly control the allocation and maintenance of a limited resource.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': "CVE-2026-26047 is a denial-of-service (DoS) vulnerability in Moodle's TeX formula editor. It occurs because the mimetex component, which renders TeX content, does not have sufficient execution time limits. This allows an authenticated user to submit specially crafted TeX formulas that consume excessive server resources, particularly CPU time."}, {'type': 'paragraph', 'content': "As a result, the Moodle server's performance can degrade significantly or the service can be completely interrupted."}] [1]

Impact Analysis

This vulnerability can impact you by causing a denial of service on your Moodle instance. An authenticated user can exploit it to consume excessive CPU resources, leading to severe performance degradation or a complete outage of the Moodle service.

While the confidentiality and integrity of your system are not affected, the availability of the Moodle platform is at risk, potentially disrupting access for legitimate users.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by monitoring the Moodle server for unusually high CPU usage or performance degradation when rendering TeX formulas using the mimetex component.'}, {'type': 'paragraph', 'content': 'Commands to help detect this issue include checking running processes and CPU usage on the server during TeX rendering, for example:'}, {'type': 'list_item', 'content': "Use 'top' or 'htop' to monitor CPU usage in real-time."}, {'type': 'list_item', 'content': "Use 'ps aux --sort=-%cpu | head' to identify processes consuming the most CPU."}, {'type': 'list_item', 'content': 'Check Moodle logs for any errors or slow responses related to TeX rendering.'}] [1]

Mitigation Strategies

Immediate mitigation steps include restricting or disabling the use of the TeX formula editor or mimetex component until a patch or update is applied.

Additionally, limit authenticated user permissions to reduce the risk of abuse and monitor server resource usage closely to detect and respond to potential exploitation attempts.

Applying any available updates or patches from Moodle that address this vulnerability is also critical.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-26047. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart