Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

SolarWinds security patch release for CVE-2025-40538

Security Patch Release
First reported
Last updated
Happening score
H score 48
1 unique sources, 1 articles

Summary

Hide ▲

SolarWinds released Serv-U updates that fix four critical flaws in version 15.5, reducing the risk of remote code execution. The patched issues are tracked as CVE-2025-40538 through CVE-2025-40541 and are addressed in Serv-U version 15.5.4.

Related Happenings

Avada Builder 3.15.3 patch release (CVE-2026-4782, CVE-2026-4798)

Security Patch Release
First: 15.05.2026 18:56 Last: 15.05.2026 18:56 Sources 1

About this happening: **Avada Builder** shipped **version 3.15.3** as the full fix for **CVE-2026-4782** and **CVE-2026-4798**, closing the plugin flaws that could expose files and database data. A pri...

Open Happening

Exim security patch release for CVE-2026-45185

Security Patch Release
First: 13.05.2026 23:23 Last: 13.05.2026 23:23 Sources 1

About this happening: **Exim** released **version 4.99.3** to fix **CVE-2026-45185**, closing a **remote-code-execution risk** in affected mail servers. The patch applies to **Exim versions before 4.99...

Open Happening

CPanel security patch release for CVE-2026-29201

Security Patch Release
First: 09.05.2026 10:16 Last: 09.05.2026 10:16 Sources 1

About this happening: **cPanel** released updates for **cPanel and Web Host Manager (WHM)** to fix **three vulnerabilities** that could enable **privilege escalation**, **code execution**, or **denial-...

Open Happening

Synacor Zimbra CVE-2025-48700 security patch release

Security Patch Release
First: 24.04.2026 16:35 Last: 24.04.2026 16:35 Sources 1

About this happening: Synacor released **security patches** for **CVE-2025-48700**, fixing an **XSS flaw** in **Zimbra Classic UI** that could be triggered by a **malicious email** and expose **sensiti...

Open Happening

WolfSSL security patch release (CVE-2026-5194)

Security Patch Release
First: 13.04.2026 22:56 Last: 13.04.2026 22:56 Sources 1

About this happening: The **wolfSSL project** released **version 5.9.1** to fix **CVE-2026-5194**, a cryptographic validation flaw that could let vulnerable deployments accept forged certificates. The...

Open Happening

Timeline

  1. 25.02.2026 09:04 2 articles · 3mo ago

    SolarWinds issues Serv-U 15.5.4 patch for four critical flaws

    Mitigation Patch Update

    SolarWinds released updates for Serv-U file transfer software version 15.5, fixing four critical vulnerabilities tracked as CVE-2025-40538, CVE-2025-40539, CVE-2025-40540, and CVE-2025-40541. The flaws include broken access control, type confusion, and IDOR issues rated CVSS 9.1, and successful exploitation could allow an attacker with administrative privileges to execute arbitrary or native code as root; the issues are addressed in Serv-U version 15.5.4 and no exploitation in the wild was reported.

    Show sources
    Open in new tab