A vulnerability, which was classified as critical , has been found in glpi-project glpi-inventory-plugin up to 1.6.5 . This issue affects some unknown processing. The manipulation leads to sql injection. This vulnerability is listed as CVE-2026-26001 . The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.