Solarwinds

314 tracked vulnerabilities.

CVE-2025-40541 CRITICAL
Serv-U - Privilege Escalation
Feb 24, 2026
CVSS 9.1
EPSS 0.00
CVE-2025-40540 CRITICAL
Serv-U - Memory Corruption
Feb 24, 2026
CVSS 9.1
EPSS 0.00
CVE-2025-40539 CRITICAL
Serv-U - Memory Corruption
Feb 24, 2026
CVSS 9.1
EPSS 0.00
CVE-2025-40538 CRITICAL
Serv-U - Privilege Escalation
Feb 24, 2026
CVSS 9.1
EPSS 0.00
CVE-2025-40554 CRITICALNUCLEI
Solarwinds Web Help Desk < 2026.1 - Authentication Bypass
Jan 28, 2026
CVSS 9.8
EPSS 0.08
CVE-2025-40553 CRITICAL
Solarwinds Web Help Desk < 2026.1 - Insecure Deserialization
Jan 28, 2026
CVSS 9.8
EPSS 0.12
CVE-2025-40552 CRITICALNUCLEI
Solarwinds Web Help Desk < 2026.1 - Authentication Bypass
Jan 28, 2026
CVSS 9.8
EPSS 0.10
CVE-2025-40551 CRITICALKEVNUCLEI
Solarwinds Web Help Desk < 2026.1 - Insecure Deserialization
Jan 28, 2026
CVSS 9.8
EPSS 0.81
CVE-2025-40537 HIGH
Solarwinds Web Help Desk < 2026.1 - Hard-coded Credentials
Jan 28, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-40536 HIGHKEVNUCLEI
SolarWinds Web Help Desk unauthenticated RCE
Jan 28, 2026
CVSS 8.1
EPSS 0.68
CVE-2025-40549 CRITICAL
Solarwinds Serv-u < 15.5.3 - Path Traversal
Nov 18, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-40548 CRITICAL
Solarwinds Serv-u < 15.5.3 - Improper Privilege Management
Nov 18, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-40547 CRITICAL
Serv-U - Privilege Escalation
Nov 18, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-40545 MEDIUM
Solarwinds Observability Self-hosted < 2025.4.1 - Open Redirect
Nov 18, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-26391 MEDIUM
Solarwinds Observability Self-hosted < 2025.4.1 - XSS
Nov 18, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-26392 MEDIUM
Solarwinds Observability Self-hosted < 2025.4 - SQL Injection
Oct 21, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-26399 CRITICAL
Solarwinds Web Help Desk < 12.8.6 - Insecure Deserialization
Sep 23, 2025
CVSS 9.8
EPSS 0.12
CVE-2024-28988 CRITICAL
Solarwinds Web Help Desk < 12.8.2 - Insecure Deserialization
Sep 01, 2025
CVSS 9.8
EPSS 0.08
CVE-2025-26398 MEDIUM
Solarwinds Database Performance Analyzer - Hard-coded Credentials
Aug 12, 2025
CVSS 5.6
EPSS 0.00
CVE-2025-26400 MEDIUM
Solarwinds Web Help Desk < 12.8.7 - XXE
Jul 29, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-26397 HIGH
Solarwinds Observability Self-hosted - Insecure Deserialization
Jul 24, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-26395 HIGH
Solarwinds Observability Self-hosted < 2025.2 - XSS
Jun 10, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-26394 MEDIUM
Solarwinds Observability Self-hosted < 2025.2 - Open Redirect
Jun 10, 2025
CVSS 4.8
EPSS 0.00
CVE-2024-45712 LOW
Solarwinds Serv-u < 15.5.1 - XSS
Apr 15, 2025
CVSS 2.6
EPSS 0.00
CVE-2024-52612 MEDIUM
Solarwinds Platform < 2025.1 - XSS
Feb 11, 2025
CVSS 6.8
EPSS 0.00
Products
orion_platform 49 serv-u 39 access_rights_manager 32 solarwinds_platform 27 serv-u_file_server 20 web_help_desk 20 serv-u_ftp_server 11 database_performance_analyzer 10 n-central 9 orion_network_performance_monitor 9 network_performance_monitor 8 network_configuration_manager 7 dameware_mini_remote_control 7 observability_self-hosted 6 webhelpdesk 6 tftp_server 6 log_and_event_manager 5 kiwi_syslog_server 5 security_event_manager 4 orion_web_performance_monitor 4 patch_manager 3 server_and_application_monitor 3 log_\&_event_manager 3 storage_manager 3 virtualization_manager 3 kiwi_cattools 2 netpath 2 serv-u_mft_server 2 sftp\/scp_server 2 orion_job_scheduler 1
Quick Filters
Critical CVEs With Exploits In CISA KEV