CVE-2026-25936 | GLPI up to 11.0.5 sql injection (GHSA-qw3x-7vv2-7759)

March 18, 2026 Yanac

A vulnerability was found in GLPI up to 11.0.5. It has been declared as critical. The affected element is an unknown function. Such manipulation leads to sql injection.

This vulnerability is traded as CVE-2026-25936. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More