Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5
CVE-2026-25937
- EPSS 0.01%
- Veröffentlicht 17.03.2026 23:16:38
- Zuletzt bearbeitet 23.03.2026 18:16:40
GLPI is a free Asset and IT management software package. Starting in version 11.0.0 and prior to version 11.0.6, a malicious actor with knowledge of a user's credentials can bypass MFA and steal their account. Version 11.0.6 fixes the issue.
8.8
CVE-2026-25936
- EPSS 0.04%
- Veröffentlicht 17.03.2026 19:41:32
- Zuletzt bearbeitet 19.03.2026 19:30:14
GLPI is a free Asset and IT management software package. Starting in version 11.0.0 and prior to version 11.0.6, an authenticated user can perfom a SQL injection. Version 11.0.6 fixes the issue.
8.8
CVE-2026-22248
- EPSS 0.2%
- Veröffentlicht 11.03.2026 15:27:04
- Zuletzt bearbeitet 20.03.2026 14:29:50
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. From 11.0.0 to before 11.0.5, an authenticated technician user can upload a malicious file and trigger ...
1