CVE-2026-44281 – GLPI vulnerable to unauthorized reading of a specific asset object

CVE ID :CVE-2026-44281

Published : June 3, 2026, 4:16 p.m. | 16 minutes ago

Description :GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to versions 10.0.25 and 11.0.7, an authenticated user with config READ permission can read a specific asset object. Upgrade to 11.0.7 or 10.0.25 to receive a patch.

Severity: 7.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-46273 – ibmveth: Disable GSO for packets with small MSS

CVE-2026-46272 – coresight: tmc-etr: Fix race condition between sysfs and perf mode

CVE-2026-46271 – wifi: ath12k: do WoW offloads only on primary link

CVE-2026-46270 – power: supply: rt9455: Fix use-after-free in power_supply_changed()