浏览 21+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-15029 | An unauthenticated user is able to introduce SQL Injection using the Awie export module | Centreon | Infra Monitoring | Critical | 9.8 | 2026-01-05 14:34:03 | Deep Dive |
| CVE-2025-15026 | Unauthenticated configuration import allows administrative account creation using AWIE component | Centreon | Infra Monitoring | Critical | 9.8 | 2026-01-05 14:31:34 | Deep Dive |
| CVE-2025-12511 | A user with elevated privileges can inject XSS in the DSM Administration’s Extensions configuration page | Centreon | Infra Monitoring | Medium | 6.8 | 2026-01-05 14:05:53 | Deep Dive |
| CVE-2025-12513 | A user with elevated privileges can inject XSS in the Hosts configuration parameters page | Centreon | Infra Monitoring | Medium | 6.8 | 2026-01-05 13:43:43 | Deep Dive |
| CVE-2025-12519 | Information disclosure on Administration parameters API endpoint | Centreon | Infra Monitoring | Medium | 5.3 | 2026-01-05 10:15:09 | Deep Dive |
| CVE-2025-13056 | A user with elevated privileges can inject XSS in the Administration ACL Menus configuration page | Centreon | Infra Monitoring | Medium | 6.8 | 2026-01-05 10:10:36 | Deep Dive |
| CVE-2025-5965 | RCE via the backup feature available only to user with high privilege | Centreon | Infra Monitoring | High | 7.2 | 2026-01-05 10:06:05 | Deep Dive |
| CVE-2025-54890 | A user with elevated privileges can inject XSS in the Hostgroups configuration page | Centreon | Infra Monitoring | Medium | 6.8 | 2025-12-22 11:07:28 | Deep Dive |
| CVE-2025-12514 | A user with elevated privileges is able to introduce a SQL Injection using the Open-tickets Notification rules configuration parameters | Centreon | Infra Monitoring - Open-tickets | High | 7.2 | 2025-12-22 10:59:18 | Deep Dive |
| CVE-2025-8460 | A user with elevated privileges can inject XSS in the Notification rules configuration page | Centreon | Infra Monitoring | Medium | 6.8 | 2025-12-22 10:55:59 | Deep Dive |
| CVE-2025-10023 | A user with elevated privileges can inject XSS in the Services Meta-services configuration page | Centreon | Infra Monitoring | Medium | 6.2 | 2025-10-27 15:07:22 | Deep Dive |
| CVE-2025-8432 | CentreonBI user account on the MBI server can execute commands as root by modifying script runned by the CRON | Centreon | Infra Monitoring | High | 8.4 | 2025-10-27 10:08:34 | Deep Dive |
| CVE-2025-8459 | A user with low privileges can inject XSS in the Monitoring Recurrent downtimes page | Centreon | Infra Monitoring | High | 7.7 | 2025-10-14 17:11:31 | Deep Dive |
| CVE-2025-8430 | A user with elevated privileges can inject XSS in the Commands Connectors configuration configuration page | Centreon | Infra Monitoring | Medium | 6.8 | 2025-10-14 16:54:44 | Deep Dive |
| CVE-2025-8429 | A user with elevated privileges can inject XSS in the ACL Action access configuration page | Centreon | Infra Monitoring | Medium | 6.8 | 2025-10-14 15:29:56 | Deep Dive |
| CVE-2025-54893 | A user with elevated privileges can inject XSS in the Hosts templates configuration page | Centreon | Infra Monitoring | Medium | 6.8 | 2025-10-14 15:24:24 | Deep Dive |
| CVE-2025-54891 | A user with elevated privileges can inject XSS in the ACL Resource Access configuration page | Centreon | Infra Monitoring | Medium | 6.8 | 2025-10-14 15:07:01 | Deep Dive |
| CVE-2025-54892 | A user with elevated privileges can inject XSS in the SNMP traps group configuration page | Centreon | Infra Monitoring | Medium | 6.8 | 2025-10-14 14:59:11 | Deep Dive |
| CVE-2025-54889 | A user with elevated privileges can inject XSS in the SNMP traps manufacturer configuration page | Centreon | Infra Monitoring | Medium | 6.8 | 2025-10-14 14:54:31 | Deep Dive |
| CVE-2025-5946 | RCE via the poller reload feature available only to user with high privilege | Centreon | Infra Monitoring | High | 7.2 | 2025-10-14 14:29:01 | Deep Dive |