Deserialization of Untrusted Data Vulnerability in SolarWinds Observability Self-Hosted
CVE-2025-26397

7.8HIGH

Key Information:

Vendor: Solarwinds
Status: Solarwinds Observability Self-hosted
Vendor: CVE Published:; 24 July 2025

What is CVE-2025-26397?

The SolarWinds Observability Self-Hosted platform is impacted by a vulnerability that allows an attacker with low-level permissions to escalate their privileges. This security flaw enables the execution of malicious files placed in directories that typically require elevated permissions. To exploit this vulnerability, an attacker must have local access to the host server and authenticate using a low-level account. Prompt remediation is essential to secure the affected systems and prevent potential misuse.

Affected Version(s)

SolarWinds Observability Self-Hosted 2025.2 and previous versions

References

https://www.solarwinds.com/trust-center/security-advisori...

https://documentation.solarwinds.com/en/success_center/or...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 24, 2025
Vulnerability Reserved
Feb 8, 2025

Credit

ccc working with the Trend Micro Zero Day Initiative

JSON

Solarwinds

What is CVE-2025-26397?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit