CVE-2026-20757 - CVE Alert System

Basic Information

Severity	LOW
Base Score	2.5
CNA	Gallagher
Published Date	2026-03-02 21:40:45 UTC
Last Modified	2026-03-02 21:40:45 UTC
CVE.org Link	https://www.cve.org/CVERecord?id=CVE-2026-20757
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-20757

Description

Improper Locking vulnerability (CWE-667) in Gallagher Morpho integration allows a privileged operator to cause a limited denial-of-service in the Command Centre Server. This issue affects Command Centre Server: 9.40 prior to vEL9.40.1976(MR1), 9.30 prior to vEL9.30.3382 (MR4), 9.20 prior to vEL9.20.3783 (MR6), 9.10 prior to vEL9.10.4647 (MR9), all versions of 9.00 and prior.

Affected Products

Vendor	Product
gallagher	command centre server

References

https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2026-20757