CRITICAL
Centreon
CVE published 2026-07-13
CVE-2026-14453
CVE-2026-14453 is a critical Server-Side Template Injection (SSTI) vulnerability in Centreon's centreon-open-tickets module. The message_confirm field is stored without sanitization and rendered via Smarty with no security policy enabled, allowing any authenticated user to inject and execute arbitrary code on the server. This results in disclosure of environment secrets and could impact platform availabil [truncated]