This is a security release, upgrading is recommended
This release fixes a few security issues that have been recently discovered. Update is recommended!
You can download the GLPI 10.0.21 archive on GitHub.
You will find below the list of security issues fixed in this bugfixes version:
- [SECURITY - HIGH] Unauthorized access to documents (CVE-2025-64516)
- [SECURITY - MODERATE] Unauthenticated Stored XSS through the inventory endpoint (CVE-2025-59935)
- [SECURITY - MODERATE] Unauthorized access to Knowledge Base items through the API (CVE-2025-64520)
Many bug fixes have also been made, read the full changelog is available for more details.
We would like to thank all people who contributed to this new version and all those who contributes regularly to the GLPI project!
Regards.