CVE-2026-32312— GLPI: Unauthorized export of form structure

AI Predicted 5.3 Difficulty: Trivial EPSS 0.03% · P10 Updated May 19, 2026

Possible ATT&CK Techniques 1AI

T1213 · Data from Information Repositories

Affected Version Matrix 1

Vendor	Product	Version Range	Status
glpi-project	glpi	`>= 11.0.0, < 11.0.7`	affected

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-32312

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

GLPI: Unauthorized export of form structure

Source: NVD (National Vulnerability Database)

Vulnerability Description

GLPI is a free asset and IT management software package. In versions 11.0.0 through 11.0.6, an authenticated user with forms READ permission can export the structure of unauthorized forms. This issue has been fixed in version 11.0.7.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

授权机制缺失

Source: NVD (National Vulnerability Database)

Vulnerability Title

GLPI 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

GLPI是GLPI开源的一款开源IT和资产管理软件。该软件提供功能全面的IT资源管理接口，你可以用它来建立数据库全面管理IT的电脑，显示器，服务器，打印机，网络设备，电话，甚至硒鼓和墨盒等。 GLPI 11.0.0版本至11.0.6版本存在安全漏洞，该漏洞源于具有表单读取权限的认证用户可以导出未授权表单的结构。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
glpi-project	glpi	>= 11.0.0, < 11.0.7	-

II. Public POCs for CVE-2026-32312

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-32312

请登录查看更多情报信息。

Vendor Advisories for CVE-2026-32312 (1)

🔗 Unauthorized export of form structure · Advisory · glpi-project/glpi · GitHubx_refsource_CONFIRM

Vendor Pages for CVE-2026-32312 (1)

🔗 Release 11.0.7 · glpi-project/glpi · GitHub Read full article x_refsource_MISC

https://nvd.nist.gov/vuln/detail/CVE-2026-32312

IV. Related Vulnerabilities

Same product: glpi

Same vendor: glpi-project

Same weakness: CWE-862

V. Comments for CVE-2026-32312

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-32312— GLPI: Unauthorized export of form structure

Possible ATT&CK Techniques 1AI

Affected Version Matrix 1

I. Basic Information for CVE-2026-32312

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-32312

III. Intelligence Information for CVE-2026-32312

Vendor Advisories for CVE-2026-32312 (1)

Vendor Pages for CVE-2026-32312 (1)

IV. Related Vulnerabilities

V. Comments for CVE-2026-32312

Leave a comment