CVE-2026-42320

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Jun 03, 2026

Vendor unknown

Description

GLPI is a free asset and IT management software package. Starting in version 0.50 and prior to versions 10.0.25 and 11.0.7, a technician can read arbitrary files inside the GLPI_DOC_DIR. Upgrade to 10.0.25 or 11.0.7 to receive a patch.

References

https://github.com/glpi-project/glpi/security/advisories/GHSA-58j6-94cf-gcx5