Home > Vulnerability Database > CVE-2025-53113

Mend.io Vulnerability Database

CVE-2025-53113

Good to know:

Date: July 30, 2025

GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 0.65 through 10.0.18, a technician can use the external links feature to fetch information on items they do not have the right to see. This is fixed in version 10.0.19.

Severity Score

2.7

Related Resources (3)

Url: https://github.com/glpi-project/glpi/security/advisories/GHSA-r2mm-6499-4m8j

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-53113

Url: https://www.mend.io/vulnerability-database/CVE-2025-53113

Severity Score

2.7

Weakness Type (CWE)

Improper Access Control

CWE-284

Missing Authorization

CWE-862

Top Fix

Upgrade Version

Upgrade to version https://github.com/glpi-project/glpi.git - 10.0.19

Learn More

CVSS v3.1

Base Score:	2.7
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	HIGH
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-53113

Good to know:

Date: July 30, 2025

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?