CVE-2025-64520 | GLPI up to 10.0.20 API authorization (GHSA-62p9-prpq-j62q)

December 17, 2025 Yanac

A vulnerability labeled as problematic has been found in GLPI up to 10.0.20. The impacted element is an unknown function of the component API. The manipulation results in missing authorization.

This vulnerability was named CVE-2025-64520. The attack may be performed from remote. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More

CVE-2025-59374 | ASUS Live Update Client up to 3.6.5 malicious code
CVE-2025-53619 | Grassroot DICOM 3.024 DICOM File Parser null_convert memory corruption (TALOS-2025-2210)