5 matches found
CVE-2026-26026
GLPI is a free asset and IT management software package. From 11.0.0 to before 11.0.6, template injection by an administrator lead to RCE. This vulnerability is fixed in 11.0.6...
UBUNTU-CVE-2026-26026
GLPI is a free asset and IT management software package. From 11.0.0 to before 11.0.6, template injection by an administrator lead to RCE. This vulnerability is fixed in 11.0.6...
PT-2026-25959
Name of the Vulnerable Software and Affected Versions GLPI versions 11.0.0 through 11.0.5 Description GLPI is an Asset and IT management software package. A malicious actor with knowledge of a user's credentials can bypass Multi-Factor Authentication MFA and compromise the account. The issue...
UBUNTU-CVE-2026-22247
GLPI is a free asset and IT management software package. From version 11.0.0 to before 11.0.5, a GLPI administrator can perform SSRF request through the Webhook feature. This issue has been patched in version 11.0.5...
PT-2022-28273 · Unknown · Sweetalert2
Name of the Vulnerable Software and Affected Versions: sweetalert2 versions 11.4.9 and above Description: The issue concerns hidden functionality introduced by the maintainer, causing the package to output audio and/or video messages unrelated to its intended functionality. Recommendations: For...