Security Advisory - Published 2026-07-11 - Database / Backend

Database backend batch: check AI entity stores, TURN admin panels, and GLPI import jobs

This batch is about backend services where database access is close to user-facing import, admin, or AI memory features. Patch the component, then check whether data boundaries, credentials, or imported records were touched.

Defensive scope: review only owned services or approved client systems. This page stays on patching, evidence, database logs, and credential review.

Affected CVEs in this batch

CVEProductAffectedReviewCVSS
CVE-2026-55405LangChain4jvendor advisoryMariaDB and pgvector entity stores, query logs, model memory, and data boundaries7.6
CVE-2026-53448Coturn< 4.12.0HTTPS admin exposure, database records, relay users, and service logs7.2
CVE-2026-11321GLPI DataInjection2.15.6 on GLPI 11 buildsCSV import jobs, database errors, plugin users, and uploaded files7.1

What to check

  • LangChain4j versions, MariaDB and pgvector entity-store use, model memory scope, and query logs.
  • Coturn HTTPS admin exposure, admin credentials, relay users, database records, and service logs.
  • GLPI DataInjection version, CSV import history, uploaded files, plugin users, and database errors.
  • Whether affected components can reach production customer data, authentication tables, billing records, or internal services.

Safe fix path

  1. Patch the affected backend component and keep admin panels or import paths private while patching.
  2. Preserve database logs, application logs, import files, admin logs, and service configuration before cleanup.
  3. Review records changed during the exposure window and compare them with expected import or admin activity.
  4. Rotate database passwords, relay credentials, API keys, and service tokens if backend integrity is uncertain.

Compromise indicators

  • Unexpected SQL errors, slow queries, or reads from tables that the feature should not touch.
  • New relay users, changed Coturn admin settings, or unknown HTTPS admin requests.
  • CSV import jobs, uploaded files, or GLPI changes without a matching ticket.
  • AI memory or entity-store records containing data that should not have crossed tenant boundaries.

When to ask Ping7 for repair

Use Ping7 CVE Repair when an import feature, admin panel, or AI memory store had database access and you need a clean record of what changed before returning the service to normal use.

References