Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

SolarWinds security patch release for CVE-2025-40552

Security Patch Release
First reported
Last updated
Happening score
H score 55
3 unique sources, 3 articles

Summary

Hide ▲

SolarWinds released security updates for Web Help Desk to fix critical authentication bypass and remote command execution flaws. The bundle covers CVE-2025-40552, CVE-2025-40554, CVE-2025-40553, CVE-2025-40551, and CVE-2025-40537. Some of the bugs can be abused by remote unauthenticated attackers or low-privilege users to run commands or reach administrative functions. Administrators are being told to upgrade vulnerable servers to Web Help Desk 2026.1 as soon as possible.

Related Happenings

Ghost CMS CVE-2026-26980 ClickFix campaign

Campaign
First: 24.05.2026 17:12 Last: 24.05.2026 17:12 Sources 1

About this happening: A **large-scale campaign** is exploiting **CVE-2026-26980** in **Ghost CMS** to plant malicious JavaScript and drive **ClickFix** lure pages, putting exposed sites and their visit...

Open Happening

TrendAI Trend Micro’s enterprise business security patch release for CVE-2026-34926

Security Patch Release
First: 22.05.2026 11:19 Last: 22.05.2026 11:19 Sources 1

About this happening: **TrendAI** released **Apex One** security updates after confirming a **zero-day** had been **exploited in the wild**, leaving **on-premises installations** at risk until patched....

Open Happening

Exim security patch release for CVE-2026-45185

Security Patch Release
First: 13.05.2026 23:23 Last: 13.05.2026 23:23 Sources 1

About this happening: **Exim** released **version 4.99.3** to fix **CVE-2026-45185**, closing a **remote-code-execution risk** in affected mail servers. The patch applies to **Exim versions before 4.99...

Open Happening

Progress Software security patch release for CVE-2026-4670

Security Patch Release
First: 04.05.2026 19:34 Last: 04.05.2026 19:34 Sources 1

About this happening: **Progress Software** has released **MOVEit Automation** updates to fix **CVE-2026-4670** and **CVE-2026-5174**, including a **critical authentication bypass** that could expose e...

Open Happening

CPanel and WHM emergency update for critical auth-bypass

Security Patch Release
First: 29.04.2026 18:51 Last: 29.04.2026 18:51 Sources 1

About this happening: **WebPros International** released an **emergency update** for **cPanel** and **WHM** after a critical **authentication-bypass** flaw could expose supported installations to **una...

Open Happening

Timeline

  1. 04.02.2026 12:15 1 articles · 3mo ago

    CISA adds CVE-2025-40551 to KEV Catalog for SolarWinds Web Help Desk

    Legal Policy Action Update

    CISA added CVE-2025-40551 in SolarWinds Web Help Desk to its Known Exploited Vulnerabilities Catalog and warned federal civilian agencies to patch by Friday after the flaw was reported as actively exploited; the issue is a CVSS 9.8 deserialization of untrusted data vulnerability that can lead to remote code execution.

    Show sources
    Open in new tab
  2. 28.01.2026 16:39 3 articles · 3mo ago

    SolarWinds patches Web Help Desk vulnerabilities

    Mitigation Patch Update

    SolarWinds releases security updates for Web Help Desk, including Web Help Desk 2026.1, to fix critical authentication bypass and remote code execution flaws such as CVE-2025-40552, CVE-2025-40554, CVE-2025-40553, CVE-2025-40551, and CVE-2025-40537. The affected issues can allow remote unauthenticated attackers or low-privilege users to execute commands or reach administrative functions, and administrators are advised to upgrade vulnerable servers as soon as possible.

    Show sources
    Open in new tab