CVE-2026-22248
Received Received - Intake

Remote Code Execution via Unsafe File Upload in GLPI 11.0.x

Vulnerability report for CVE-2026-22248, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-03-11

Last updated on: 2026-03-20

Assigner: GitHub, Inc.

Description

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. From 11.0.0 to before 11.0.5, an authenticated technician user can upload a malicious file and trigger its execution through an unsafe PHP instantiation. This vulnerability is fixed in 11.0.5.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-03-11
Last Modified
2026-03-20
Generated
2026-07-06
AI Q&A
2026-03-11
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
teclib-edition glpi From 11.0.0 (inc) to 11.0.5 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-502 The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Mitigation Strategies

The recommended immediate step to mitigate this vulnerability is to upgrade the GLPI software to version 11.0.5 or later.

Executive Summary

CVE-2026-22248 is a high-severity remote code execution vulnerability in the GLPI software package versions 11.0.0 to before 11.0.5.

An authenticated technician user can upload a malicious file that triggers unsafe PHP instantiation due to improper deserialization of untrusted data.

This flaw allows the attacker to execute arbitrary code remotely on the affected system.

Impact Analysis

This vulnerability can lead to remote code execution, allowing an attacker with technician-level access to run arbitrary code on the system.

The impact includes full compromise of confidentiality, integrity, and availability of the affected system.

Because the attack vector is network-based and requires high privileges but no user interaction, it poses a significant risk in environments where GLPI is used.

Compliance Impact

I don't know

Detection Guidance

I don't know

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-22248. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart