Security experts have identified multiple vulnerabilities in Centreon products that could allow attackers to execute remote code, breach data confidentiality, or inject SQL commands. The CVE‑2025‑12511, CVE‑2025‑12513, CVE‑2025‑12519, CVE‑2025‑13056, CVE‑2025‑15026, CVE‑2025‑15029 and CVE‑2025‑5965 are listed in the official Centreon security bulletins dated 8 January 2026. Affected systems include AWIE versions 24.04.x prior to 24.04.3, 24.10.x prior to 24.10.3 and 25.10.x prior to 25.10.2; DSM versions 23.10.x before 23.10.5, 24.04.x before 24.04.8, 24.10.x before 24.10.4 and 25.10.x before 25.10.1; and Web versions 23.10.x before 23.10.29, 24.04.x before 24.04.19, 24.10.x before 24.10.15 and 25.10.x before 25.10.2. To mitigate the risks, users should apply the patches published in the vendor’s security bulletins linked above.
Summary of content from
https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0015/
Made by AI. If you spot anything of concern write us at contact@cybach.com. We’ll promptly correct irregularities.