Centreon web

This hub aggregates every CVE we track for Centreon web, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Centreon web.

• CVE-2025-12513A user with elevated privileges can inject XSS in the Hosts configuration parameters page6.8Jan 5, 2026
• CVE-2025-12519Information disclosure on Administration parameters API endpoint5.3Jan 5, 2026
• CVE-2025-13056A user with elevated privileges can inject XSS in the Administration ACL Menus configuration page6.8Jan 5, 2026
• CVE-2025-5965RCE via the backup feature available only to user with high privilege7.2Jan 5, 2026
• CVE-2025-54890A user with elevated privileges can inject XSS in the Hostgroups configuration page6.8Dec 22, 2025
• CVE-2025-10023A user with elevated privileges can inject XSS in the Services Meta-services configuration page6.2Oct 27, 2025
• CVE-2025-8459A user with low privileges can inject XSS in the Monitoring Recurrent downtimes page7.7Oct 14, 2025
• CVE-2025-8430A user with elevated privileges can inject XSS in the Commands Connectors configuration configuration page6.8Oct 14, 2025
• CVE-2025-8429A user with elevated privileges can inject XSS in the ACL Action access configuration page6.8Oct 14, 2025
• CVE-2025-54893A user with elevated privileges can inject XSS in the Hosts templates configuration page6.8Oct 14, 2025
• CVE-2025-54891A user with elevated privileges can inject XSS in the ACL Resource Access configuration page6.8Oct 14, 2025
• CVE-2025-54892A user with elevated privileges can inject XSS in the SNMP traps group configuration page6.8Oct 14, 2025
• CVE-2025-54889A user with elevated privileges can inject XSS in the SNMP traps manufacturer configuration page6.8Oct 14, 2025
• CVE-2025-5946RCE via the poller reload feature available only to user with high privilege7.2Oct 14, 2025
• CVE-2025-8428XSS found in the HTTP loader widget6.8Oct 14, 2025