CVE-2025-26526

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Feb 24, 2025

CWE ID 863

Summary

CVE-2025-26526 is a vulnerability that affects Feedback activities in certain systems. The issue arises when Separate Groups mode restrictions are not considered during permission checks, allowing unintended users to view or delete responses. This oversight could potentially lead to data exposure or loss, underscoring the importance of thorough access control measures.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Moodle

Affected Vendors

Moodle

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3S6Utu
https://www.cve.org/CVERecord?id=CVE-2025-26526
https://nvd.nist.gov/vuln/detail/CVE-2025-26526

Back to Vulnerability Database