A vulnerability categorized as critical has been discovered in glpi-project glpi up to 11.0.5 . This affects an unknown function of the component MFA . Executing a manipulation can lead to improper authentication. This vulnerability is handled as CVE-2026-25937 . The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.