Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| glpi-project | glpi | affected |
|
No data.
No data.
| Vendor | Product | Confidence | Versions | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Glpi-project | Glpi | 100% |
|
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Wed, 03 Jun 2026 18:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Glpi-project
Glpi-project glpi |
|
| Vendors & Products |
Glpi-project
Glpi-project glpi |
Wed, 03 Jun 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 03 Jun 2026 16:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to versions 10.0.25 and 11.0.7, an authenticated user with config READ permission can read a specific asset object. Upgrade to 11.0.7 or 10.0.25 to receive a patch. | |
| Title | GLPI vulnerable to unauthorized reading of a specific asset object | |
| Weaknesses | CWE-862 | |
| References |
| |
| Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-06-03T16:02:28.714Z
Reserved: 2026-05-05T17:39:31.111Z
Link: CVE-2026-44281
Vulnrichment
Updated: 2026-06-03T16:02:14.651Z
NVD
Status : Deferred
Published: 2026-06-03T16:16:30.350
Modified: 2026-06-04T15:41:35.193
Link: CVE-2026-44281
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-06-03T18:00:06Z