Glpi-project Glpi-inventory-plugin
7 CVEs affecting Glpi-project Glpi-inventory-plugin. Latest disclosed: 2026-03-17. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-27147 | High | 8.2 | 2025-03-25 | The GLPI Inventory Plugin handles various types of tasks for GLPI agents, including network discovery and inventory (SNMP), software deployment, VMWare ESX hos… |
CVE-2025-32786 | High | 7.5 | 2025-11-04 | The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Versions 1.5.0 and below are vulnerab… |
CVE-2026-26001 | High | 7.1 | 2026-03-17 | The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, non sanitized user in… |
CVE-2025-26626 | Medium | 6.5 | 2025-03-14 | The GLPI Inventory Plugin handles various types of tasks for GLPI agents for the GLPI asset and IT management software package. Versions prior to 1.5.0 are vul… |
CVE-2022-31082 | Medium | 5.8 | 2022-06-27 | GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. glpi-inventory-plu… |
CVE-2022-31062 | Medium | 5.3 | 2022-06-20 | ### Impact A plugin public script can be used to read content of system files. ### Patches Upgrade to version 1.0.2. ### Workarounds `b/deploy/index.php` file… |
CVE-2026-25590 | Medium | 4.5 | 2026-03-03 | The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, there is a reflected… |