Skip to main content

Web CVE-2026-2750

CRITICAL
Improper Input Validation (CWE-20)
2026-02-27 bd4443e6-1eef-43f3-9886-25fc9ceeaae7
Information Disclosure Web
9.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.1 CRITICAL
AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
CVE Published
Feb 27, 2026 - 16:16 nvd
CRITICAL 9.1

DescriptionCVE.org

Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules).This issue affects Centreon Open Tickets on Central Server: from all before 25.10; 24.10;24.04.

AnalysisAI

Input validation vulnerability in Centreon Open Tickets module allows authenticated attackers to manipulate ticket data, potentially affecting monitored infrastructure integrity.

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate as high-privilege Centreon user
Exploit
Submit crafted input to Open Tickets module
Execution
Bypass input validation checks
Impact
Execute arbitrary code on Central Server
Sign in to reveal

Vulnerability AssessmentAI

Exploitation Centreon Open Tickets module must be installed and enabled on Central Server. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment CVSS 9.1. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario Authenticated user submits crafted ticket data that bypasses validation, potentially injecting malicious content or corrupting ticketing workflow.
Remediation Update Centreon Open Tickets module to address both this and CVE-2026-2749. Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Recommended ActionAI

Within 24 hours: Inventory all Centreon deployments and identify systems running affected versions (before 25.10, 24.10, 24.04); disable or restrict network access to the Open Tickets module if operationally feasible. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-2750 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy