Credential Theft Vulnerability in GLPI Asset Management Software
CVE-2025-53008

Currently unrated

Key Information:

Vendor: GLPI Project
Status: GLPI
Vendor: CVE Published:; 30 July 2025

🔔 Create GLPI Project Vulnerability Alert

What is CVE-2025-53008?

In GLPI, an open-source IT asset and management software, a vulnerability allows an authenticated user to execute a malicious payload, potentially exposing email receiver credentials. This security issue affects versions from 9.3.1 to 10.0.19. The vulnerability was addressed in version 10.0.19, safeguarding users from potential credential theft.

References

https://github.com/glpi-project/glpi/security/advisories/...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 30, 2025

JSON