CVE-2026-22044

6.5 MEDIUM

📋 TL;DR

This vulnerability allows an authenticated user of GLPI (an open-source IT asset and service management application) to perform SQL injection against the application database. It affects GLPI versions 0.85 through 10.0.22 and is fixed in 10.0.23. A successful attack could read, modify, or delete database content. A valid GLPI account is required, so the realistic precondition is a malicious or compromised user, not an anonymous attacker.

💻 Affected Systems

Products:
  • GLPI
Versions: 0.85 to 10.0.22
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated user access

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database compromise leading to data theft, privilege escalation, or system takeover (for example, if the database account can write files or reach other schemas)

🟠 Likely Case: Unauthorized data access and potential data manipulation by an already-authenticated user

🟢 If Mitigated: Limited impact where the GLPI database account holds only the privileges it needs on the GLPI database and application access is restricted to trusted, monitored accounts

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires authenticated access but SQL injection is typically straightforward to exploit

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 10.0.23

Vendor Advisory: https://github.com/glpi-project/glpi/security/advisories/GHSA-569q-j526-w385

Restart Required: No

Instructions:

1. Back up the GLPI installation and its database.
2. Download version 10.0.23 from the official repository.
3. Follow the GLPI upgrade documentation for your deployment method.

🔧 Temporary Workarounds

Input Validation Enhancement (applies to: all)

Add request-level filtering in front of GLPI for user-controlled parameters, for example WAF rules that reject SQL metacharacters and keywords in GLPI requests. This raises the bar but does not remove the injection, because the vulnerable parameter is in application code you cannot change without the patch.

Database Permission Restriction (applies to: all)

Run GLPI with a dedicated database account that holds privileges only on the GLPI database and no global privileges such as FILE or SUPER, so an injection cannot read or write files on the database host or reach other schemas. Never run the application as the database root user; schema-changing privileges can be granted for the upgrade window only.

🧯 If You Can't Patch

  • Implement web application firewall (WAF) with SQL injection rules
  • Restrict authenticated user access to only trusted personnel

🔍 How to Verify

Check if Vulnerable:

Check the GLPI version in Administration > General > Information; any version from 0.85 through 10.0.22 is affected.

Check Version:

Read the version from the GLPI web interface, or from the GLPI_VERSION constant in the install's inc/define.php (the location in 10.x installs; confirm against your deployment). Check every copy of the code behind the web server, not only the one you upgraded.

Verify Fix Applied:

Verify that the version is 10.0.23 or higher in Administration > General > Information.
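As an added example (not part of the original advisory card or of the GLPI project's own code), the check below classifies a GLPI version string against the affected range, and pulls the version out of an inc/define.php file. It assumes GLPI declares its version as `define('GLPI_VERSION', '10.0.22');` in that file; the sample excerpt is constructed, not a file shipped by GLPI. Pre-release strings such as `10.0.23-dev` are reported as unverified rather than guessed at.

```python
import re

# CVE-2026-22044 version boundaries taken from the advisory card
AFFECTED_MIN = (0, 85)
AFFECTED_MAX = (10, 0, 22)
FIXED = (10, 0, 23)

# Matches the constant as GLPI declares it (assumed layout):
#     define('GLPI_VERSION', '10.0.22');
_DEFINE_RE = re.compile(
    r"""define\(\s*['"]GLPI_VERSION['"]\s*,\s*['"]([^'"]+)['"]\s*\)"""
)

# Constructed excerpt in the shape of inc/define.php; not a file from a GLPI release.
SAMPLE_DEFINE = """<?php
// constructed sample, not shipped GLPI code
define('GLPI_VERSION', '10.0.22');
"""


def parse_version(core):
    """'10.0.22' -> (10, 0, 22). Tuples compare element-wise, and a shorter
    tuple sorts before a longer one with the same prefix, so '10.0' < '10.0.22'."""
    return tuple(int(part) for part in core.strip().split("."))


def assess(version_str):
    """Classify a GLPI version against the advisory's range.

    Returns 'fixed', 'affected', 'unlisted' (older than the listed range) or
    'unverified' for pre-release strings such as '10.0.23-dev', which may or
    may not contain the fix and must be checked by hand."""
    core, _, suffix = version_str.strip().partition("-")
    if suffix:
        return "unverified"
    v = parse_version(core)
    if v >= FIXED:
        return "fixed"
    if AFFECTED_MIN <= v <= AFFECTED_MAX:
        return "affected"
    return "unlisted"


def version_from_define(php_source):
    """Pull the GLPI_VERSION string out of inc/define.php contents, or None."""
    m = _DEFINE_RE.search(php_source)
    return m.group(1) if m else None


def assess_define_source(php_source):
    """(version, status) for a define.php text, or None if the constant is absent."""
    version = version_from_define(php_source)
    if version is None:
        return None
    return version, assess(version)


if __name__ == "__main__":
    import sys
    # Usage: python check_glpi_version.py /var/www/glpi/inc/define.php
    # With no argument the constructed sample is used.
    path = sys.argv[1] if len(sys.argv) > 1 else None
    source = open(path, encoding="utf-8").read() if path else SAMPLE_DEFINE
    result = assess_define_source(source)
    print("GLPI_VERSION not found" if result is None else "GLPI %s: %s" % result)
```

Run it against each GLPI checkout on the host; a forgotten second copy that still answers requests is the usual reason a "patched" server keeps failing a scan.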

📡 Detection & Monitoring

Log Indicators:

  • SQL syntax errors in GLPI's SQL error log (files/_log/sql-errors.log in a default layout) that line up with requests from a single session; injection probing usually breaks queries before it succeeds
  • Requests from an authenticated session whose parameters contain quotes, comment sequences (--, /*), UNION SELECT, SLEEP() or BENCHMARK(), often URL- or double-URL-encoded
  • The same GLPI page requested repeatedly with small payload variations, returning HTTP 500 or unusually large responses

Network Indicators:

  • Unusual database connection patterns from application servers

SIEM Query:

index=web sourcetype=access_combined uri_path="/glpi/*" (uri_query="*%27*" OR uri_query="*UNION*" OR uri_query="*SLEEP(*" OR uri_query="*information_schema*") | stats count by clientip, user, uri_path

Splunk-style example over web server access logs; adjust the index and field names to your environment. It is keyword matching and a triage starting point only: it misses POST bodies and double-encoded variants and will fire on some legitimate searches, so pair it with the GLPI SQL error log.
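The detection logic above, as an added example that is not part of the original advisory card or of GLPI itself: it parses combined-format web server access logs, URL-decodes each query string (repeatedly, since double encoding is a common filter-bypass), flags SQL-injection markers, and counts flagged requests per client and user. The log lines are constructed sample traffic, not real logs; the `/glpi/` path prefix is an assumption about where the application is mounted.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Apache/nginx "combined" format: ip ident user [time] "METHOD path HTTP/x" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) \S+" (?P<status>\d{3}) \S+'
)

# Markers that rarely occur in legitimate GLPI query strings.
SQLI_PATTERNS = [
    (name, re.compile(pattern, re.IGNORECASE))
    for name, pattern in (
        ("boolean-tautology", r"'\s*(?:or|and)\s+['\d]"),        # ' OR '1'='1
        ("union-select",      r"\bunion\b\s+(?:all\s+)?select\b"),
        ("time-based",        r"\b(?:sleep|benchmark)\s*\("),
        ("schema-probe",      r"\binformation_schema\b"),
        ("comment-truncate",  r"(?:--|#|/\*)\s*$"),               # cut off the rest of the query
    )
]

# Constructed sample traffic (not real logs); lines 2 and 3 carry payloads,
# line 3 is double-URL-encoded.
SAMPLE_LINES = [
    '203.0.113.10 - jdoe [12/Jan/2026:10:01:02 +0000] "GET /glpi/front/computer.php?id=12 HTTP/1.1" 200 5123',
    '203.0.113.10 - jdoe [12/Jan/2026:10:01:09 +0000] "GET /glpi/front/computer.php?id=12%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9811',
    '203.0.113.10 - jdoe [12/Jan/2026:10:01:15 +0000] "GET /glpi/front/computer.php?id=12%2520UNION%2520SELECT%25201,2,3 HTTP/1.1" 500 311',
    '198.51.100.7 - asmith [12/Jan/2026:10:02:00 +0000] "GET /glpi/front/ticket.php?sort=1&order=ASC HTTP/1.1" 200 7722',
    '198.51.100.7 - asmith [12/Jan/2026:10:03:00 +0000] "POST /glpi/front/ticket.form.php HTTP/1.1" 302 0',
]


def decode_fully(s, rounds=3):
    """Undo repeated URL encoding; attackers double-encode to slip past naive filters."""
    s = s.replace("+", " ")
    for _ in range(rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


def sqli_markers(query):
    """Names of the patterns present in a (still encoded) query string."""
    q = decode_fully(query)
    return [name for name, rx in SQLI_PATTERNS if rx.search(q)]


def scan(lines, app_prefix="/glpi/"):
    """Flagged requests to the application, one dict per hit."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not m["path"].startswith(app_prefix):
            continue
        _, _, query = m["path"].partition("?")
        markers = sqli_markers(query)
        if markers:
            hits.append({
                "ip": m["ip"], "user": m["user"], "path": m["path"],
                "status": int(m["status"]), "markers": markers,
            })
    return hits


def per_client(hits):
    """Who is probing: (ip, user) -> number of flagged requests."""
    return Counter((h["ip"], h["user"]) for h in hits)


if __name__ == "__main__":
    found = scan(SAMPLE_LINES)
    for h in found:
        print(h["ip"], h["user"], h["status"], h["markers"], h["path"])
    print(per_client(found))
```

A flagged request that returned HTTP 500 is worth pulling first: it suggests the payload reached the query and GLPI logged the resulting SQL error. Access logs do not contain POST bodies, so this catches GET-based probing only; for POST parameters, correlate the same session with entries in the SQL error log instead.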

🔗 References

  • Vendor advisory: https://github.com/glpi-project/glpi/security/advisories/GHSA-569q-j526-w385