SolarWinds security patch release for CVE-2026-28318
Security Patch Release
Summary
Hide ▲
Show ▼
SolarWinds released Serv-U 15.5.4 Hotfix 1 for CVE-2026-28318, an actively exploited denial-of-service flaw that can crash exposed Serv-U servers. The update fixes an uncontrolled resource consumption weakness and covers the Windows and Linux file transfer product used for MFT and FTP services. Administrators that cannot patch immediately were told to restrict access and block POST requests containing content-encoding.
Related Happenings
Ivanti security patch release for CVE-2026-8043
Security Patch Release
First: 18.05.2026 13:54
Last: 18.05.2026 13:54
Sources 1
About this happening:
**Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...
Ivanti security patch release for CVE-2026-8043
Security Patch ReleaseAbout this happening: **Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...
CPanel security patch release for CVE-2026-29201
Security Patch Release
First: 09.05.2026 10:16
Last: 09.05.2026 10:16
Sources 1
About this happening:
**cPanel** released updates for **cPanel and Web Host Manager (WHM)** to fix **three vulnerabilities** that could enable **privilege escalation**, **code execution**, or **denial-...
CPanel security patch release for CVE-2026-29201
Security Patch ReleaseAbout this happening: **cPanel** released updates for **cPanel and Web Host Manager (WHM)** to fix **three vulnerabilities** that could enable **privilege escalation**, **code execution**, or **denial-...
CPanel security patch release for CVE-2026-41940
Security Patch Release
First: 29.04.2026 12:37
Last: 29.04.2026 12:37
Sources 1
About this happening:
**cPanel** released **security updates** for **cPanel and WHM** after an **authentication bypass** flaw could let remote attackers reach control-panel access, with fixes now cover...
CPanel security patch release for CVE-2026-41940
Security Patch ReleaseAbout this happening: **cPanel** released **security updates** for **cPanel and WHM** after an **authentication bypass** flaw could let remote attackers reach control-panel access, with fixes now cover...
Latest development: 04.05.2026 22:14
CVE-2026-41940 in cPanel, WebHost Manager (WHM), and WP Squared was rapidly exploited after public disclosure, with Censys reporting attacks from multiple threat actors within 24 hours and about 15,000 potentially compromised instances in the first day. KnownHost said about 30 managed cPanel servers showed attempted exploitation, WatchTowr Labs published a PoC exploit and technical analysis, and Defused said much of the observed activity copied WatchTowr's PoC exactly.
Microsoft April 2026 Patch Tuesday security update (165 CVEs)
Security Patch Release
First: 15.04.2026 00:22
Last: 15.04.2026 00:22
Sources 1
About this happening:
**Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...
Microsoft April 2026 Patch Tuesday security update (165 CVEs)
Security Patch ReleaseAbout this happening: **Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...
Fortinet FortiClient EMS emergency patch release (CVE-2026-35616, CVE-2026-21643)
Security Patch Release
First: 07.04.2026 12:26
Last: 07.04.2026 12:26
Sources 1
About this happening:
**Fortinet FortiClient EMS** is a **security-patch release** happening centered on **CVE-2026-35616** and **CVE-2026-21643**. Fortinet issued an **out-of-band emergency hotfix** a...
Fortinet FortiClient EMS emergency patch release (CVE-2026-35616, CVE-2026-21643)
Security Patch ReleaseAbout this happening: **Fortinet FortiClient EMS** is a **security-patch release** happening centered on **CVE-2026-35616** and **CVE-2026-21643**. Fortinet issued an **out-of-band emergency hotfix** a...
Latest development: 28.05.2026 18:26
Arctic Wolf observed threat actors abusing FortiClient Endpoint Management Server (EMS) and CVE-2026-35616 in May 2026 to modify EMS-managed configuration, disguise FortiEndpoint_Patch.exe as a Fortinet endpoint update, and use fortitray.exe, cmd.exe, and a Base64-encoded PowerShell chain to download malware and exfiltrate browser data to 83.138.53[.]110.
Timeline
-
05.06.2026 22:15 2 articles · 3h ago
SolarWinds releases Serv-U 15.5.4 Hotfix 1 for CVE-2026-28318
Mitigation Patch UpdateSolarWinds released Serv-U 15.5.4 Hotfix 1 for the Serv-U file transfer product to patch CVE-2026-28318, a denial-of-service flaw caused by an uncontrolled resource consumption weakness. The issue affects the Windows and Linux Serv-U service used for MFT and FTP capabilities, and the vendor advised administrators to install the hotfix or temporarily restrict access and block POST requests containing "content-encoding" if immediate patching is not possible.
Show sources
- CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers — www.bleepingcomputer.com — 05.06.2026 22:15
- CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers — www.bleepingcomputer.com — 05.06.2026 22:15
-
05.06.2026 22:15 1 articles · 3h ago
CISA adds actively exploited Serv-U flaw CVE-2026-28318 to the KEV Catalog
Legal Policy Action UpdateCISA warned that hackers are actively exploiting CVE-2026-28318 against Serv-U servers, added the flaw to the Known Exploited Vulnerabilities Catalog, and ordered Federal Civilian Executive Branch agencies to patch by June 19 under Binding Operational Directive 22-01. The agency also urged private-sector defenders to secure exposed networks as soon as possible.
Show sources
- CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers — www.bleepingcomputer.com — 05.06.2026 22:15