Skip to main content
Security Bulletin

CVE-2026-14453 - Centreon Open Tickets - CRITICAL Severity

  • July 16, 2026
  • 0 replies
  • 41 views

Publication date: July 8th, 2026

Components: centreon-open-tickets

Description: A server-side template injection vulnerability in the centreon-open-tickets module has been fixed by enforcing a Smarty security policy and adding access-control checks to prevent unauthorized template evaluation and sensitive file disclosure.

ReferenceCVE-2026-14453

CVSS: 9.6

Severity: Critical

 

Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Open Tickets on Central Server:

These versions include cumulative fixes from prior updates.

:index_vers_la_droite: To ensure you do not lose any customization that might have been done to your OpenTicket provider, please make sure to create a backup of your configuration before performing update!

 

If you are using an High Availability Platform, please ensure to follow the Centreon HA Update procedures.

 

Reporter: N/A

 

Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.