CVE-2026-2751
Published: 27 February 2026
Summary
CVE-2026-2751 is a high-severity SQL Injection (CWE-89) vulnerability in Centreon Centreon Web. Its CVSS base score is 8.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 13.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly prevents blind SQL injection by requiring validation of unsanitized array keys used as inputs in the Service Dependencies deletion functionality.
Mitigates the vulnerability through timely identification, reporting, and correction of flaws by upgrading to patched Centreon Web versions such as 25.10.8.
Provides additional protection against SQL injection by enforcing restrictions on input types, lengths, and content for parameters in the affected deletion module.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Blind SQLi in network-accessible Centreon Web (AV:N, PR:L) directly enables exploitation of a web application (T1190) and post-auth privilege escalation via DB data extraction/modification (T1068).
NVD Description
Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web on Central Server on Linux (Service Dependencies modules) allows Blind SQL Injection.This issue affects Centreon Web on Central Server before 25.10.8, 24.10.20, 24.04.24.
Deeper analysisAI
CVE-2026-2751 is a Blind SQL Injection vulnerability stemming from unsanitized array keys in the Service Dependencies deletion functionality. It affects the Centreon Web component on Central Server running on Linux, specifically within the Service Dependencies modules. The issue impacts Centreon Web versions prior to 25.10.8, 24.10.20, and 24.04.24, as documented under CWE-89 (SQL Injection). The vulnerability carries a CVSS v3.1 base score of 8.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L), indicating high severity due to its potential for significant data compromise.
An attacker with low-privilege authenticated access (PR:L) can exploit this vulnerability remotely over the network (AV:N) with low complexity (AC:L) and without requiring user interaction (UI:N). Successful exploitation enables blind SQL injection attacks, allowing high-impact confidentiality breaches such as unauthorized data extraction from the database (C:H), high-impact integrity violations like data modification or deletion (I:H), and limited availability disruption (A:L), all within the unchanged security scope (S:U).
Centreon's security advisory at https://https://thewatch.centreon.com/latest-security-bulletins-64/cve-2026-2751-centreon-web-high-severity-5504 details the high-severity issue and recommends mitigation by upgrading to Centreon Web versions 25.10.8, 24.10.20, or 24.04.24, which address the unsanitized input handling in the affected modules.
Details
- CWE(s)