Publication date: February 24th, 2026
Components: centreon-open-tickets
Description: A path traversal vulnerability in the Open Tickets file upload allows an authenticated user to write or delete arbitrary files.
Reference: CVE-2026-2749
CVSS: 9.9
Severity: Critical
Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Open Tickets on Central Server:
These versions include cumulative fixes from prior updates.
To ensure you do not lose any customization that might have been done to your OpenTicket provider, please make sure to create a backup of your configuration before performing update!
If you are using an High Availability Platform, please ensure to follow the Centreon HA Update procedures.
Reporter: N/A
Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.