Multiple Vulnerabilities Discovered in GLPI Software

📌 Multiple vulnerabilities were discovered in GLPI on April 7, 2026, as reported by CERT-FR. These flaws enable attackers to execute arbitrary remote code, conduct SQL injection (SQLi), and perform remote indirect code injection (XSS). The vulnerabilities affect unspecified versions of the GLPI software, with no CVE IDs or additional technical details provided in the notice. The impacts include potential unauthorized system access, data manipulation, and cross-site scripting attacks. No mitigation steps or affected component specifics were disclosed in the advisory.