CVE-2026-26045

Name of the Vulnerable Software and Affected Versions Moodle (affected versions not specified)

Description A flaw exists in Moodle’s backup restore functionality where specially crafted backup files are not properly validated during processing. Restoring a malicious backup file could lead to the execution of server-side code. Exploitation requires authenticated access, as restore capabilities are typically available to privileged users. Successful exploitation could result in a full compromise of the Moodle server.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.