Our 2027 Security Industry Trends Survey is now live. Add your insights to the conversion. Take the survey now

CVE-2026-26053

Severity: Medium CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

Components affected: Command Centre Server

Version of Command Centre affected: 9.50 prior to vEL9.50.1587(MR1),9.40 prior to vEL9.40.3130(MR3),9.30 prior to vEL9.30.3983(MR5),9.20 prior to vEL9.20.4349(MR7), all versions of 9.10.

Reported by: Internally

Active exploitation of vulnerability*: No

Description of vulnerability: An Incorrect Privilege Assignment (CWE-266) vulnerability in the Command Centre Server allows an authenticated operator with limited privileges to perform some operations that they would not normally be authorized to perform.

*This indicates whether Gallagher are aware of this being actively exploited against customer sites at the time of publication.

 

Stay up to date with Gallagher

Get the latest Gallagher news, updates, and event information delivered straight to your inbox.