CVE-2025-66417 | glpi up to 11.0.2 Inventory Endpoint sql injection

January 15, 2026 Yanac

A vulnerability identified as critical has been detected in glpi up to 11.0.2. This affects an unknown part of the component Inventory Endpoint. Performing a manipulation results in sql injection.

This vulnerability was named CVE-2025-66417. The attack may be initiated remotely. There is no available exploit.

You should upgrade the affected component.VulDB Recent EntriesRead More

CVE-2021-47777 | Ribccs Build Smart ERP 21.0817 Login Validation Endpoint eidValue sql injection (Exploit 50445 / EDB-50445)
CVE-2025-66292 | donknap dpanel up to 1.9.1 attach.go path path traversal