CVE-2026-2751

HIGH 8.3

Blind SQL Injection

CVSS Score

8.3

EPSS Score

0.0%

EPSS Percentile

0th

Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web on Central Server on Linux (Service Dependencies modules) allows Blind SQL Injection.This issue affects Centreon Web on Central Server before 25.10.8, 24.10.20, 24.04.24.

Vendor	centreon
Product	centreon web on central server
Published	Feb 27, 2026
Last Updated	Feb 27, 2026

Stay Ahead of the Next One

Get instant alerts for centreon centreon web on central server

Be the first to know when new high vulnerabilities affecting centreon centreon web on central server are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

Low

Affected Versions

Centreon / Centreon Web on Central Server

25.10; 24.10;24.04 < 25.10.8, 24.10.20, 24.04.24

References

NVD ↗ CVE.org ↗ EPSS Data ↗

https: https://https://thewatch.centreon.com/latest-security-bulletins-64/cve-2026-2751-centreon-web-high-severity-5504

Credits

Texugo from Hakaï Security