Ir para o conteúdo principal
  1. Cloud Computing Solutions/
  2. Blog/

GLPI 11.0.8 and 10.0.26: Updated Docker Images and Helm Chart

·234 palavras·2 minutos
EF-TECH
Autor
EF-TECH
Transforme a performance e a segurança do seu ambiente com nossas soluções!

GLPI 11.0.8 was released today as a security release — upgrading is recommended for all environments. This version fixes 16 vulnerabilities, including 2 critical and 8 high severity.

Security highlights
#

Critical Vulnerabilities
#

  • CVE-2026-48482 — RCE via Form import
  • CVE-2026-52848 — MFA bypass

High Vulnerabilities
#

  • CVE-2026-47678 — SQL injection in dropdowns
  • CVE-2026-47679 — Arbitrary file deletion
  • CVE-2026-49470 — Account takeover via 2FA brute force
  • CVE-2026-53625 — Privilege escalation via authtype API
  • CVE-2026-53610 — Reflected XSS in dashboards
  • CVE-2026-53626 — Arbitrary document read
  • CVE-2026-53629 — SQL injection in history tab
  • CVE-2026-55214 — Stored XSS in suppliers

Medium Vulnerabilities
#

Unauthorized debug mode activation, LDAP filter injection, unallowed authentication method update, unexpected API update access, unallowed knowledge base comment modification, and unallowed notification sending.

Docker Images and Helm Chart
#

We published Docker images and Helm Chart for both GLPI versions:

ComponentVersion
GLPI (app)11.0.8
GLPI (app)10.0.26
Helm Chartglpi-11.0.8

Links#

Upgrade via Helm
#

helm repo add eftech https://eftechcombr.github.io/glpi/charts
helm repo update
helm upgrade --install glpi eftech/glpi --namespace glpi --version 11.0.8

Upgrade via Docker
#

docker pull ghcr.io/eftechcombr/glpi:11.0.8

This upgrade is especially critical if you use Form import functionality (RCE) or multi-factor authentication (bypass). We recommend upgrading as soon as possible.

At EF-TECH, we offer specialized support for GLPI deployment and maintenance in containers. Contact us to learn more.