cbcvebase.
CVE-2025-15026
published 2026-01-05

CVE-2025-15026: Missing Authentication for Critical Function vulnerability in Centreon Infra Monitoring centreon-awie (Awie import module) allows Accessing Functionality Not…

PriorityP265critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.37%
29.1th percentile
Missing Authentication for Critical Function vulnerability in Centreon Infra Monitoring centreon-awie (Awie import module) allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0 before 24.10.3, from 24.04.0 before 24.04.3.

Affected

6 ranges
VendorProductVersion rangeFixed in
centreonawie>= 24.04.0 < 24.04.324.04.3
centreonawie>= 24.10.0 < 24.10.324.10.3
centreonawie>= 25.10.0 < 25.10.225.10.2
centreoninfra_monitoring>= 24.04.0 < 24.04.324.04.3
centreoninfra_monitoring>= 24.10.0 < 24.10.324.10.3
centreoninfra_monitoring>= 25.10.0 < 25.10.225.10.2
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.