CVE-2026-2751
CRITICAL WAF: High
CVSS 9.8
Published: 2026-02-27
CWE-89
Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web on Central Server on Linux (Service Dependencies modules) allows Blind SQL Injection.This issue affects Centreon Web on Central Server before 25.10.8, 24.10.20, 24.04.24.
WAF Coverage Analysis
SQL Injection
High WAF Coverage
OWASP: A03:2021 Injection
942xxx - SQL Injection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| centreon | centreon_web | 24.04.0 - 24.04.24. |
| centreon | centreon_web | 24.10.0 - 24.10.20 |
| centreon | centreon_web | 25.10.0 - 25.10.8 |
References
- https: (Broken Link)