Moodle Denial-of-Service Vulnerability in TeX Formula Editor

Vulnerability

A denial-of-service vulnerability exists in Moodle's TeX formula editor, specifically when rendering TeX content with mimetex. The issue arises from inadequate execution time limits, allowing specially crafted formulas to use excessive server resources. An authenticated user could exploit this vulnerability to disrupt service or degrade performance.

Impact

Exploitation of this vulnerability leads to uncontrolled resource consumption, particularly CPU and memory, causing a denial-of-service condition. This can slow down the application and its host operating system, potentially crashing the application or locking out legitimate users.

Added: Feb 21, 2026, 6:24 AM

Updated: Feb 21, 2026, 6:24 AM

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

3.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

3.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Moodle Denial-of-Service Vulnerability in TeX Formula Editor

Vulnerability

Impact

Affected Products

Moodle

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating