PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-14453 Centreon CVE debrief

CVE-2026-14453 is a critical Server-Side Template Injection (SSTI) vulnerability in Centreon's centreon-open-tickets module. The message_confirm field is stored without sanitization and rendered via Smarty with no security policy enabled, allowing any authenticated user to inject and execute arbitrary code on the server. This results in disclosure of environment secrets and could impact platform availability of Centreon Infra Monitoring product. Centreon users and administrators should be aware of this vulnerability and take immediate action to protect their systems.

Vendor
Centreon
Product
Infra Monitoring
CVSS
CRITICAL 9.6
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-13
Original CVE updated
2026-07-13
Advisory published
2026-07-13
Advisory updated
2026-07-13

Who should care

Centreon users and administrators, particularly those responsible for Centreon Infra Monitoring product deployments, should be aware of this vulnerability and take immediate action to protect their systems. This includes reviewing system logs for suspicious activity and implementing additional security measures, such as Web Application Firewalls (WAFs), to detect and prevent similar attacks.

Technical summary

The vulnerability exists in the centreon-open-tickets module of Centreon. The message_confirm field is stored without sanitization and rendered via Smarty with no security policy enabled. This allows any authenticated user to inject and execute arbitrary code on the server, resulting in disclosure of environment secrets and potential impact on platform availability of Centreon Infra Monitoring product. Centreon users and administrators should review their system configurations and apply patches or updates to mitigate this vulnerability.

Defensive priority

High

Recommended defensive actions

  • Apply the vendor patch or update to the latest version of Centreon.
  • Restrict access to the centreon-open-tickets module to only necessary users.
  • Monitor system logs for suspicious activity.
  • Implement additional security measures, such as Web Application Firewalls (WAFs), to detect and prevent similar attacks.
  • Review compensating controls for exposed systems while remediation is scheduled and verified.
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review.
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented.

Evidence notes

The CVE record was published on 2026-07-13T09:16:23.893Z and has not been modified since then. The NVD entry is currently 9.6 CRITICAL. Centreon users and administrators should verify their systems for the centreon-open-tickets module and assess potential exposure. Evidence of exploitation or related incidents has not been reported publicly.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-13T09:16:23.893Z and has not been modified since then.