Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
Centreon Web on Linux Central Server: Malicious Data Injection Risk
CVE-2026-2751
Summary
An outdated version of Centreon Web on Linux Central Server allows hackers to inject malicious data, potentially allowing them to access sensitive information or disrupt the system. This affects Centreon Web on Central Server before certain versions. Update to the latest version to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| centreon | centreon_web | > 24.04.0 , <= 24.04.24. | – |
| centreon | centreon_web | > 24.10.0 , <= 24.10.20 | – |
| centreon | centreon_web | > 25.10.0 , <= 25.10.8 | – |
Original title
Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web on Central Server on Linux (Service Dependencies modules) allows Blind SQL In...
Original description
Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web on Central Server on Linux (Service Dependencies modules) allows Blind SQL Injection.This issue affects Centreon Web on Central Server before 25.10.8, 24.10.20, 24.04.24.
nvd CVSS3.1
8.3
Vulnerability type
CWE-89
SQL Injection
Published: 27 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026