CVE-2025-32786

The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Versions 1.5.0 and below are vulnerable to SQL Injection. This issue is fixed in version 1.5.1.

Published Nov 6, 2025

https://github.com/glpi-project/glpi-inventory-plugin/security/advisories/GHSA-w2cp-r675-6xpq

CVSS ScoreHigh

7.5

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2025-32786

The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Versions 1.5.0 and below are vulnerable to SQL Injection. This issue is fixed in version 1.5.1.

Published Nov 6, 2025

https://github.com/glpi-project/glpi-inventory-plugin/security/advisories/GHSA-w2cp-r675-6xpq

CVSS ScoreHigh

7.5


rpm	glpi	0.90.5-1.el7
rpm	glpi	0.90.5-2.el7

Ecosystem	Package	Version


rpm	glpi	0.90.5-1.el7
rpm	glpi	0.90.5-2.el7

Find vulnerabilities. Fix fast with AI.

CVE-2025-32786

CVE-2025-32786