Find notable cyber news and cases, enriched with sources, timelines, and signals.

SolarWinds security patch release for CVE-2025-40538

Security Patch Release
First reported
Last updated
Happening score
H score 64
1 unique sources, 1 articles

Summary

Hide ▲

SolarWinds released Serv-U updates that fix four critical flaws in version 15.5, reducing the risk of remote code execution. The patched issues are tracked as CVE-2025-40538 through CVE-2025-40541 and are addressed in Serv-U version 15.5.4.

Related Happenings

FFmpeg 8.1.2 security update (CVE-2026-8461)

Security Patch Release
H score36 First: 23.06.2026 00:05 Last: 23.06.2026 00:05 Sources 1

About this happening: **FFmpeg** shipped **version 8.1.2** to fix **CVE-2026-8461** in the **MagicYUV decoder**, closing a heap out-of-bounds write that could affect **FFmpeg-based applications**. The...

CISA KEV mitigation for LiteSpeed cPanel Plugin (CVE-2026-54420)

Advisory/Mitigation
H score38 First: 16.06.2026 08:41 Last: 16.06.2026 08:41 Sources 1

About this happening: CISA put **CVE-2026-54420** in **LiteSpeed cPanel Plugin** on the **KEV catalog**, ordering **FCEB agencies** to apply fixes by **June 18, 2026**. The flaw is a **CVSS 8.5 privile...

SimpleHelp security update for CVE-2026-48558

Security Patch Release
H score65 First: 15.06.2026 23:06 Last: 15.06.2026 23:06 Sources 1

About this happening: **SimpleHelp** released **5.5.16** and **6.0 RC2** on **June 9** to fix **CVE-2026-48558**, a critical **OIDC** authentication flaw in **SimpleHelp remote management software** th...

Langflow security patch release for CVE-2026-5027

Security Patch Release
H score38 First: 11.06.2026 00:23 Last: 11.06.2026 00:23 Sources 1

About this happening: **Langflow** shipped fixes for **CVE-2026-5027**, closing a **path traversal** flaw that let attackers write arbitrary files on exposed servers. The patch landed in **langflow-bas...

SolarWinds Serv-U advisory and mitigations for CVE-2026-28318

Advisory/Mitigation
H score52 First: 06.06.2026 11:14 Last: 06.06.2026 11:14 Sources 1

About this happening: **SolarWinds Serv-U** mitigation guidance now covers **CVE-2026-28318**, reducing **unauthenticated DoS** risk from specially crafted POST requests. SolarWinds says the flaw is ad...

Timeline

  1. 25.02.2026 09:04 2 articles · 4mo ago

    SolarWinds issues Serv-U 15.5.4 patch for four critical flaws

    Mitigation Patch Update

    SolarWinds released updates for Serv-U file transfer software version 15.5, fixing four critical vulnerabilities tracked as CVE-2025-40538, CVE-2025-40539, CVE-2025-40540, and CVE-2025-40541. The flaws include broken access control, type confusion, and IDOR issues rated CVSS 9.1, and successful exploitation could allow an attacker with administrative privileges to execute arbitrary or native code as root; the issues are addressed in Serv-U version 15.5.4 and no exploitation in the wild was reported.

    Show sources