Find notable cyber news and cases, enriched with sources, timelines, and signals.

SolarWinds Web Help Desk untrusted data deserialization RCE (CVE-2025-40551)

Vulnerability
First reported
Last updated
Happening score
H score 89
2 unique sources, 2 articles

Summary

Hide ▲

SolarWinds Web Help Desk CVE-2025-40551 is now confirmed actively exploited, putting unpatched systems at risk of remote command execution. The flaw is an untrusted data deserialization issue, and CISA told federal agencies to patch within three days. SolarWinds says Web Help Desk 2026.1 fixes the problem, while defenders are being urged to update as soon as possible.

Related Happenings

SolarWinds Serv-U advisory and mitigations for CVE-2026-28318

Advisory/Mitigation
H score52 First: 06.06.2026 11:14 Last: 06.06.2026 11:14 Sources 1

About this happening: **SolarWinds Serv-U** mitigation guidance now covers **CVE-2026-28318**, reducing **unauthenticated DoS** risk from specially crafted POST requests. SolarWinds says the flaw is ad...

CISA KEV order for SolarWinds Serv-U CVE-2026-28318

Public Sector Action
H score50 First: 06.06.2026 11:14 Last: 06.06.2026 11:14 Sources 1

About this happening: **CISA** added **CVE-2026-28318** affecting **SolarWinds Serv-U** to the **KEV catalog** and ordered **FCEB agencies** to remediate it by **June 19, 2026**. The directive expands...

Sangoma FreePBX web shell exploitation wave (CVE-2025-64328)

Exploitation Wave
H score41 First: 27.02.2026 19:59 Last: 27.02.2026 19:59 Sources 1

About this happening: More than **900 Sangoma FreePBX** instances remain **web-shell infected** after an **ongoing exploitation wave** tied to **CVE-2025-64328**. The affected systems span the **U.S.**...

CISA adds two Roundcube flaws to KEV catalog

Public Sector Action
H score49 First: 21.02.2026 09:21 Last: 21.02.2026 09:21 Sources 1

About this happening: **CISA** added **two Roundcube webmail flaws** to the **KEV catalog** after citing **active exploitation**, increasing urgency for federal remediation. **CVE-2025-49113** is a **C...

CISA updates KEV entry for CVE-2026-1731

Public Sector Action
H score36 First: 20.02.2026 17:45 Last: 20.02.2026 17:45 Sources 1

About this happening: **CISA** updated its **KEV catalog** entry for **CVE-2026-1731**, confirming the flaw has been used in **ransomware campaigns** and elevating its government-tracked risk. The upda...

Timeline

  1. 03.02.2026 21:37 2 articles · 5mo ago

    SolarWinds releases Web Help Desk 2026.1 for CVE-2025-40551

    Mitigation Patch Update

    SolarWinds releases Web Help Desk 2026.1 to fix the untrusted data deserialization flaw tracked as CVE-2025-40551, which could let unauthenticated attackers achieve remote command execution on unpatched devices. The same release also patches CVE-2025-40537, CVE-2025-40552, and CVE-2025-40554.

    Show sources
  2. 03.02.2026 21:37 2 articles · 5mo ago

    CISA adds CVE-2025-40551 to exploited-in-the-wild catalog

    Legal Policy Action Update

    CISA adds CVE-2025-40551 to its catalog of flaws exploited in the wild and gives Federal Civilian Executive Branch agencies three days to secure affected systems under Binding Operational Directive 22-01. CISA also urges all network defenders, including private-sector operators, to patch SolarWinds Web Help Desk as soon as possible because exploitation is ongoing.

    Show sources