VYPR
Unrated severityNVD Advisory· Published Feb 4, 2026· Updated Feb 5, 2026

GLPI is Vulnerable to SSRF via Webhooks

CVE-2026-22247

Description

GLPI is a free asset and IT management software package. From version 11.0.0 to before 11.0.5, a GLPI administrator can perform SSRF request through the Webhook feature. This issue has been patched in version 11.0.5.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Glpi Project/Glpillm-fuzzy2 versions
    >=11.0.0, <11.0.5+ 1 more
    • (no CPE)range: >=11.0.0, <11.0.5
    • (no CPE)range: >= 11.0.0, < 11.0.5

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.