CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-26026

GLPI is a free asset and IT management software package. From 11.0.0 to before 11.0.6, template injection by an administrator lead to RCE. This vulnerability is fixed in 11.0.6.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 18.5%

CVSS Severity

CVSS v3 Score 9.1

References

https://github.com/glpi-project/glpi/security/advisories/GHSA-2c98-648q-h27h

Products affected by CVE-2026-26026

Glpi-Project » Glpi » Version: 11.0.0

cpe:2.3:a:glpi-project:glpi:11.0.0
Glpi-Project » Glpi » Version: 11.0.1

cpe:2.3:a:glpi-project:glpi:11.0.1
Glpi-Project » Glpi » Version: 11.0.2

cpe:2.3:a:glpi-project:glpi:11.0.2
Glpi-Project » Glpi » Version: 11.0.3

cpe:2.3:a:glpi-project:glpi:11.0.3
Glpi-Project » Glpi » Version: 11.0.4

cpe:2.3:a:glpi-project:glpi:11.0.4
Glpi-Project » Glpi » Version: 11.0.5

cpe:2.3:a:glpi-project:glpi:11.0.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-26026

Products

Pricing

Contact Us