Teclib-Edition: >> Glpi >> 11.0.5 Security Vulnerabilities
GLPI is a free Asset and IT management software package. Starting in version 11.0.0 and prior to version 11.0.6, a malicious actor with knowledge of a user's credentials can bypass MFA and steal their account. Version 11.0.6 fixes the issue.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-03-18
GLPI is a free Asset and IT management software package. Starting in version 11.0.0 and prior to version 11.0.6, an authenticated user can perfom a SQL injection. Version 11.0.6 fixes the issue.
CVSS Score
6.5
EPSS Score
0.001
Published
2026-03-17