Solarwinds News Articles

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318) - IT Security News

A vulnerability (CVE-2026-28318) that can be exploited to crash SolarWinds Serv-U file transfer servers is being leveraged by attackers in the wild, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Friday. The agency has ordered US federal civilian…Read more →

6 days ago

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318) - Help Net Security

A vulnerability (CVE-2026-28318) that can be exploited to crash SolarWinds Serv-U file transfer servers is being leveraged by attackers.

6 days ago

SolarWinds Serv-U Vulnerability Exploited in the Wild

SolarWinds has patched CVE-2026-28318, a denial-of-service vulnerability in Serv-U that has been exploited in the wild.

1 week ago

CISA Alerts on Actively Exploited SolarWinds Serv-U Denial-of-Service Flaw - IT Security News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability in SolarWinds Serv-U to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-28318, this flaw allows unauthenticated threat actors to remotely crash the file transfer serv...

1 week ago

CISA Warns of SolarWinds Serv-U Vulnerability Exploited in Attacks - IT Security News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical SolarWinds Serv-U vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that threat actors are actively exploiting the flaw in the wild. Tracked as CVE-2026-28318, the vulnerability affects…Re...

1 week ago

CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog

CISA added CVE-2026-28318, a high-severity SolarWinds Serv-U DoS flaw, to its KEV catalog after evidence of active exploitation.

1 week ago

CISA Warns of SolarWinds Serv-U Vulnerability Exploited in Attacks

CISA has added a critical SolarWinds Serv-U vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that threat actors are actively exploiting the flaw in the wild.

1 week ago

CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers

CISA warned today that hackers are now actively exploiting a recently patched high-severity SolarWinds Serv-U flaw to crash servers.

1 week ago

CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited

CISA adds 3 exploited flaws—SolarWinds, Ivanti, Workspace One—to KEV after attacks, forcing federal patch deadlines in March 2026.

CISA orders federal agencies to patch exploited SolarWinds, Apple, Microsoft bugs within weeks

The Cybersecurity and Infrastructure Security Agency (CISA) added ten new vulnerabilities to its catalog of exploited bugs this week, forcing all federal civilian agencies to resolve the issues by the first week of March.

Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability

Active exploitation of BeyondTrust enables unauthenticated RCE as CISA adds Apple, Microsoft, SolarWinds, and Notepad++ flaws to KEV list.

CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

SolarWinds WHD Attacks Highlight Dangers of Exposed Apps

Organizations that have exposed their instances of Web Help Desk to the public Internet have inadvertently made them prime targets for attackers.

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

Microsoft links SolarWinds WHD exploits to RCE, lateral movement, and domain compromise in multi-stage attacks.

CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog

CISA adds an actively exploited SolarWinds Web Help Desk RCE flaw to KEV, ordering federal agencies to patch by February 2026.

CISA flags critical SolarWinds RCE flaw as exploited in attacks

CISA has flagged a critical SolarWinds Web Help Desk vulnerability as actively exploited in attacks and ordered federal agencies to patch their systems within three days.

SolarWinds releases third patch to fix Web Help Desk RCE bug

SolarWinds has released a hotfix for a critical a critical vulnerability in Web Help Desk that allows remote code execution (RCE) without authentication.

SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw

SolarWinds fixes CVE-2025-26399, a 9.8 CVSS patch bypass of CVE-2024-28988, preventing remote code execution.

CISA Flags Critical SolarWinds Web Help Desk Bug for In-the-Wild Exploitation

CISA warns that a critical-severity hardcoded credentials vulnerability in SolarWinds Web Help Desk is exploited in attacks.

Week in review: Windows Server 2025 gets hotpatching option, PoC for SolarWinds WHD flaw released - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Windows Server 2025 gets hotpatching option, without

PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) - Help Net Security

Details about and PoC exploit code for CVE-2024-28987, a recently patched SolarWinds Web Help Desk (WHD) vulnerability, are now public.

SolarWinds fixed critical RCE CVE-2024-28991 in Access Rights Manager

SolarWinds addressed a critical remote code execution vulnerability, tracked as CVE-2024-28991, in Access Rights Manager.

SolarWinds fixed critical RCE CVE-2024-28991 in Access Rights Manager

SolarWinds addressed a critical remote code execution vulnerability, tracked as CVE-2024-28991, in Access Rights Manager.

SolarWinds Patches Critical Vulnerability in Access Rights Manager

SolarWinds has announced patches for a critical-severity remote code execution vulnerability in Access Rights Manager.

Patch Now: Second SolarWinds Critical Bug in Web Help Desk

The disclosure of CVE-2024-28987 means that, in two weeks, there have been two critical bugs and corresponding patches for SolarWinds' less-often-discussed IT help desk software.