FreePBX security advisory (AV26–711)

Serial number: AV26-711
Date: July 17, 2026

On July 17, 2026, FreePBX published security advisories to address vulnerabilities in the following products. Included were critical updates for the following:

  • FreePBX Security-Reporting ucp (FreePBX 17) – versions prior to 17.0.9
  • FreePBX Security-Reporting missedcall (FreePBX 16) – versions prior to 16.0.11
  • FreePBX Security-Reporting missedcall (FreePBX 16) – versions prior to 17.0.6
  • FreePBX Security-Reporting tts (FreePBX 17) – versions prior to 17.0.6
  • FreePBX Security-Reporting tts (FreePBX 16) – versions prior to 16.0.6
  • FreePBX Security-Reporting music (FreePBX 17) – versions prior to 17.0.7
  • FreePBX Security-Reporting framework (FreePBX 16) – versions prior to 16.0.47
  • FreePBX Security-Reporting framework (FreePBX 17) – versions prior to 17.0.30

The Cyber Centre encourages users and administrators to review the web links provided, apply the necessary updates and perform the suggested mitigations.

Date modified: