moodle/moodle vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-26045Highmoodle/moodle: Moodle has a Remote Code Execution risk via file restoreCVE-2026-26047Mediummoodle/moodle: Moodle TeX formula editor is vulnerable to DoS through lack of execution time limitsCVE-2025-67852Lowmoodle/moodle: Moodle Open Redirect vulnerabilityCVE-2025-67853Highmoodle/moodle: Moodle Affected by Improper Restriction of Excessive Authentication AttemptsCVE-2025-67857Mediummoodle/moodle: Moodle Inserts Sensitive Information Into Sent DataCVE-2025-67855Mediummoodle/moodle: Moodle vulnerable to Cross-site ScriptingCVE-2025-67856Mediummoodle/moodle: Moodle has an authorization logic flawCVE-2025-67851Mediummoodle/moodle: Moodle formula injection vulnerabilityCVE-2025-67848Highmoodle/moodle: Moodle authentication bypass vulnerabilityCVE-2025-67850Highmoodle/moodle: Moodle vulnerable to Cross-site ScriptingCVE-2025-67849Highmoodle/moodle: Moodle Cross-site Scripting (XSS) vulnerabilityCVE-2025-67847Highmoodle/moodle: Moodle affected by a code injection vulnerabilityCVE-2025-62398Mediummoodle/moodle: Moodle does not properly enforce MFACVE-2025-62396Mediummoodle/moodle: Moodle's error handling leads to sensitive information disclosureCVE-2025-62401Mediummoodle/moodle: Moodle has a time restriction bypassCVE-2025-62400Mediummoodle/moodle: Moodle exposed the names of hidden groups to usersCVE-2025-62399Highmoodle/moodle: Moodle vulnerable to brute-force password guessesCVE-2025-62394Mediummoodle/moodle: Moodle sends quiz-related messages to inactive/suspended usersCVE-2025-62393Mediummoodle/moodle: Moodle course access permissions are not properly checked in course_output_fragment_course_overviewCVE-2025-53021Mediummoodle/moodle: Moodle Session Fixation allows unauthenticated users to hijack sessions via sesskey parameterCVE-2025-3647Mediummoodle/moodle: Moodle allows IDOR when accessing the cohorts reportCVE-2025-3645Mediummoodle/moodle: Moodle has an IDOR in messaging web service which allows access to some user detailsCVE-2025-3637Lowmoodle/moodle: Moodle's mod_data edit/delete pages pass CSRF token in GET parameterCVE-2025-3643Mediummoodle/moodle: Moodle has reflected Cross-site Scripting risk in policy toolCVE-2025-3642Highmoodle/moodle: Moodle has an authenticated remote code execution risk in the Moodle LMS EQUELLA repository

Stop the waste.
Protect your environment with Kodem.