CVE-2026-25936

Medium CVSS: 6.5

GLPI is a free Asset and IT management software package. Starting in version 11.0.0 and prior to version 11.0.6, an authenticated user can perfom a SQL injection. Version 11.0.6 fixes the issue.

Vendor

Teclib-edition

Product

Glpi

CWE

CWE-89

Yayın Tarihi

2026-03-17 20:16:13

Güncelleme

2026-03-19 19:30:14

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-89 Glpi MEDIUM Teclib-edition 2026

Referanslar

https://github.com/glpi-project/glpi/security/advisories/GHSA-qw3x-7vv2-7759

Benzer Kayıtlar

Medium

CVE-2026-25937

GLPI is a free Asset and IT management software package. Starting in version 11.0.0 and prior to version 11.0.6, a malic…

Critical

CVE-2026-23489

Fields is a GLPI plugin that allows users to add custom fields on GLPI items forms. Prior to version 1.23.3, it is possi…

High

CVE-2026-22248

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses track…