PT-2026-30608 · Glpi+1 · Glpi+1

Bzhunt

Published

2026-04-06

Updated

2026-04-17

CVE-2026-26026

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions GLPI versions 11.0.0 through 11.0.5

Description GLPI is an asset and IT management software package. A template injection issue, exploitable by an administrator, can lead to Remote Code Execution (RCE).

Recommendations Update to version 11.0.6 or later.

Fix

RCE

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94CWE-1336

Related Identifiers

BDU:2026-07153

CVE-2026-26026

Affected Products

Glpi

Red Os

PT-2026-30608 · Glpi+1 · Glpi+1

CVE-2026-26026

Weakness Enumeration

Related Identifiers

Affected Products

References · 13