Live Latest activity →

Solarwinds Serv-u Vulnerabilities

5 advisories affecting Solarwinds Serv-u

5

Total CVEs

4

Critical

1

High

CVE-2026-28318

Jun 4, 2026

High (7.5)

SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure custom...

Read Advisory

CVE-2025-40538

Feb 24, 2026

Critical (9.1)

A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via do...

Read Advisory

CVE-2025-40539

Feb 24, 2026

Critical (9.1)

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative pr...

Read Advisory

CVE-2025-40540

Feb 24, 2026

Critical (9.1)

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative pr...

Read Advisory

CVE-2025-40541

Feb 24, 2026

Critical (9.1)

An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account. This issue require...

Read Advisory

Never Miss a Critical Alert

CVE advisories, breach reports, and threat intel — delivered daily to your inbox.