CVE-2025-64520

GLPI is a free asset and IT management software package. Starting in version 9.1.0 and prior to version 10.0.21, an unauthorized user with an API access can read all knowledge base entries. Users should upgrade to 10.0.21 to receive a patch.

Published Dec 18, 2025

https://github.com/glpi-project/glpi/security/advisories/GHSA-62p9-prpq-j62q

CVSS ScoreMedium

4.3

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2025-64520

GLPI is a free asset and IT management software package. Starting in version 9.1.0 and prior to version 10.0.21, an unauthorized user with an API access can read all knowledge base entries. Users should upgrade to 10.0.21 to receive a patch.

Published Dec 18, 2025

https://github.com/glpi-project/glpi/security/advisories/GHSA-62p9-prpq-j62q

CVSS ScoreMedium

4.3

No packages found

Try adjusting your search terms.

Ecosystem	Package	Version

No packages found

Try adjusting your search terms.

Find vulnerabilities. Fix fast with AI.

CVE-2025-64520

CVE-2025-64520

No packages found

No packages found