CVE-2026-2751 | THREATINT

Description

Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web on Central Server on Linux (Service Dependencies modules) allows Blind SQL Injection.This issue affects Centreon Web on Central Server before 25.10.8, 24.10.20, 24.04.24.

PUBLISHED Reserved 2026-02-19 | Published 2026-02-27 | Updated 2026-02-27 | Assigner Centreon

HIGH: 8.3CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

Problem types

Blind SQL Injection via unsanitized array keys in Service Dependencies deletion.

Product status

Default status

unaffected

25.10; 24.10;24.04 (custom) before 25.10.8, 24.10.20, 24.04.24

affected

Credits

Texugo from Hakaï Security finder

References

https/...ns-64/cve-2026-2751-centreon-web-high-severity-5504

cve.org (CVE-2026-2751)

nvd.nist.gov (CVE-2026-2751)

Download JSON