Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

SolarWinds Serv-U denial-of-service flaw actively exploited (CVE-2026-28318)

Vulnerability
First reported
Last updated
Happening score
H score 28
1 unique sources, 1 articles

Summary

Hide ▲

SolarWinds Serv-U is facing an actively exploited denial-of-service flaw, CVE-2026-28318, that can crash servers without authentication. SolarWinds has released Serv-U 15.5.4 Hotfix 1 to fix the uncontrolled resource consumption weakness.

Related Happenings

CISA orders FCEB remediation deadlines for KEV vulnerabilities

Public Sector Action
First: 10.03.2026 08:17 Last: 10.03.2026 08:17 Sources 1

About this happening: CISA ordered **FCEB agencies** to patch **SolarWinds Web Help Desk** by **March 12, 2026** and to fix the other two KEV-listed flaws by **March 23, 2026**, tightening remediation...

Open Happening

Serv-U broken access control RCE (CVE-2025-40538)

Vulnerability
First: 24.02.2026 15:00 Last: 24.02.2026 15:00 Sources 1

About this happening: **CVE-2025-40538** in **SolarWinds Serv-U** can let attackers with **high privileges** create a system admin user and execute code as **root**, putting unpatched servers at risk o...

Open Happening

SolarWinds Web Help Desk (WHD) multi-stage exploitation wave

Exploitation Wave
First: 09.02.2026 16:42 Last: 09.02.2026 16:42 Sources 1

About this happening: **SolarWinds Web Help Desk (WHD)** exploitation is a **multi-stage intrusion wave** affecting **internet-exposed WHD instances**. The foothold remains unconfirmed, but the wave is...

Latest development: 10.03.2026 08:17

CISA added CVE-2025-26399 in SolarWinds Web Help Desk to its Known Exploited Vulnerabilities (KEV) catalog after evidence of active exploitation, said Microsoft and Huntress had reported threat actors using SolarWinds Web Help Desk flaws to obtain initial access, attributed the activity to the Warlock ransomware crew, and ordered Federal Civilian Executive Branch (FCEB) agencies to apply the fix by March 12, 2026.

Open Happening

CISA KEV remediation deadline for SolarWinds WHD CVE-2025-40551

Public Sector Action
First: 04.02.2026 07:50 Last: 04.02.2026 07:50 Sources 1

About this happening: **CISA** added **CVE-2025-40551** in **SolarWinds Web Help Desk** to the **KEV catalog** and imposed **federal remediation deadlines**, turning a newly exploited flaw into a compl...

Open Happening

Timeline

  1. 05.06.2026 22:15 1 articles · 3h ago

    SolarWinds releases Serv-U 15.5.4 Hotfix 1 for CVE-2026-28318

    Mitigation Patch Update

    SolarWinds released Serv-U 15.5.4 Hotfix 1 to patch the Serv-U denial-of-service flaw CVE-2026-28318, which stems from an uncontrolled resource consumption weakness and can be triggered by specially crafted POST requests using Content-Encoding: deflate.

    Show sources
    Open in new tab
  2. 05.06.2026 22:15 2 articles · 3h ago

    CISA warns hackers are actively exploiting CVE-2026-28318 to crash Serv-U servers

    Initial Disclosure

    CISA warned that hackers are actively exploiting the recently patched SolarWinds Serv-U flaw CVE-2026-28318 against exposed Serv-U servers, where unauthenticated attackers can use specially crafted POST requests with Content-Encoding: deflate to crash the Serv-U service.

    Show sources
    Open in new tab
  3. 05.06.2026 22:15 1 articles · 3h ago

    CISA adds CVE-2026-28318 to the KEV Catalog and orders patching by June 19

    Legal Policy Action Update

    CISA added CVE-2026-28318 to the Known Exploited Vulnerabilities Catalog and ordered Federal Civilian Executive Branch agencies to patch Serv-U servers by June 19 under Binding Operational Directive 22-01, while also urging other defenders to secure exposed systems as soon as possible.

    Show sources
    Open in new tab