Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
7.3 HIGH
CVE-2025-67850 — Moodle: moodle: cross-site scripting vulnerability via inadequate input filtering in form…

A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting (XSS), occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A re…

moodle | Remote | Cross-Site Scripting
Feb 03, 2026 Feb 11, 2026
Feb 03, 2026
Feb 11, 2026
7.3 HIGH
CVE-2025-67849 — Moodle: moodle: cross-site scripting (xss) via improper sanitization of ai prompt respons…

A flaw was found in Moodle. This cross-site scripting (XSS) vulnerability, caused by improper sanitization of AI prompt responses, allows attackers to inject malicious HTML or script into web pages. …

moodle | Remote | Cross-Site Scripting
Feb 03, 2026 Feb 11, 2026
Feb 03, 2026
Feb 11, 2026
8.1 HIGH
CVE-2025-67848 — Moodle: moodle: authentication bypass via lti provider allows suspended users to gain una…

A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability (LTI) Provider. The issue arises from the LTI a…

moodle | Remote | Authentication
Feb 03, 2026 Feb 11, 2026
Feb 03, 2026
Feb 11, 2026
Showing 20 of 5263 Results