Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

SolarWinds — Vulnerabilities & Security Advisories 166

Browse all 166 CVE security advisories affecting SolarWinds. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by SolarWinds:Access Rights ManagerSolarWinds PlatformOrion PlatformWeb Help DeskServ-USolarWinds Observability Self-HostedKiwi Syslog ServerPatch ManagerDatabase Performance AnalyzerNetwork Configuration ManagerNetwork Performance MonitorDatabase Performance Analyzer (DPA)ServUSolarWinds Platform Kiwi CatToolsSolarWindsSolarWinds Serv-UDPAKiwi Syslog NGService DeskHybrid Cloud Observability (HCO)/ SolarWinds PlatformServer & Application Monitor (SAM)Dameware Mini Remote Control ServiceObservability Self-HostedSQL SentryServ-U File ServerWebHelpDeskServ-U FTP ServerOrionEngineer's Toolset
CVE IDTitleCVSSSeverityPublished
CVE-2026-28298 SolarWinds Observability Self-Hosted Stored Cross-Site Scripting Vulnerability — SolarWinds Observability Self-HostedCWE-79 5.9 Medium2026-03-26
CVE-2026-28297 SolarWinds Observability Self-Hosted Stored Cross-Site Scripting Vulnerability — SolarWinds Observability Self-HostedCWE-79 6.1 Medium2026-03-26
CVE-2025-40541 SolarWinds Serv-U Insecure Direct Object Reference (IDOR) Remote Code Execution Vulnerability — Serv-UCWE-704 9.1 Critical2026-02-24
CVE-2025-40540 SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability — Serv-UCWE-704 9.1 Critical2026-02-24
CVE-2025-40539 SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability — Serv-UCWE-704 9.1 Critical2026-02-24
CVE-2025-40538 SolarWinds Serv-U Broken Access Control Remote Code Execution Vulnerability — Serv-UCWE-269 9.1 Critical2026-02-24
CVE-2025-40554 SolarWinds Web Help Desk Authentication Bypass Vulnerability — Web Help DeskCWE-1390 9.8 Critical2026-01-28
CVE-2025-40553 SolarWinds Web Help Desk Deserialization of Untrusted Data Remote Code Execution Vulnerability — Web Help DeskCWE-502 9.8 Critical2026-01-28
CVE-2025-40552 SolarWinds Web Help Desk Authentication Bypass Vulnerability — Web Help DeskCWE-1390 9.8 Critical2026-01-28
CVE-2025-40551 SolarWinds Web Help Desk Deserialization of Untrusted Data Remote Code Execution Vulnerability — Web Help DeskCWE-502 9.8 Critical2026-01-28
CVE-2025-40537 SolarWinds Web Help Desk Hardcoded Credentials Vulnerability — Web Help DeskCWE-798 7.5 High2026-01-28
CVE-2025-40536 SolarWinds Web Help Desk Security Control Bypass Vulnerability — Web Help DeskCWE-693 8.1 High2026-01-28
CVE-2025-40545 SolarWinds Observability Self-Hosted Open Redirection Vulnerability — SolarWinds Observability Self-HostedCWE-601 4.8 Medium2025-11-18
CVE-2025-26391 SolarWinds Observability Self-Hosted XSS Vulnerability — SolarWinds Observability Self-HostedCWE-79 5.4 Medium2025-11-18
CVE-2025-40549 SolarWinds Serv-U Path Restriction Bypass Vulnerability — Serv-UCWE-22 9.1 Critical2025-11-18
CVE-2025-40548 SolarWinds Serv-U Broken Access Control - Remote Code Execution Vulnerability — Serv-UCWE-269 9.1 Critical2025-11-18
CVE-2025-40547 SolarWinds Serv-U Logic Abuse - Remote Code Execution Vulnerability — Serv-UCWE-116 9.1 Critical2025-11-18
CVE-2025-26392 SolarWinds Observability Self-Hosted SQL Injection Vulnerability — Observability Self-HostedCWE-89 5.4 Medium2025-10-21
CVE-2025-26399 SolarWinds Web Help Desk Deserialization of Untrusted Data Privilege Escalation Vulnerability — Web Help DeskCWE-502 9.8 Critical2025-09-23
CVE-2024-28988 SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability — Web Help DeskCWE-502 9.8 Critical2025-09-01
CVE-2025-26398 SolarWinds Database Performance Analyzer Hard-coded Cryptographic Key Vulnerability — Database Performance AnalyzerCWE-798 5.6 Medium2025-08-12
CVE-2025-26400 SolarWinds Web Help Desk XML External Entity Injection (XXE) Vulnerability — Web Help DeskCWE-611 5.3 Medium2025-07-29
CVE-2025-26397 SolarWinds Observability Self-Hosted Deserialization of Untrusted Data Local Privilege Escalation Vulnerability — SolarWinds Observability Self-HostedCWE-502 7.8 High2025-07-24
CVE-2025-26395 SolarWinds SWOSH DOM-based reflective XSS Vulnerability — SolarWinds Observability Self-HostedCWE-79 7.1 High2025-06-10
CVE-2025-26394 SolarWinds SWOSH Open Redirection Vulnerability — SolarWinds Observability Self-HostedCWE-601 4.8 Medium2025-06-10
CVE-2025-26396 SolarWinds Dameware Mini Remote Control Service Incorrect Permissions Local Privilege Escalation Vulnerability — Dameware Mini Remote Control ServiceCWE-269 7.8 High2025-06-02
CVE-2024-45712 SolarWinds Serv-U Client-Side Cross-Site Scripting Vulnerability — Serv-UCWE-79 2.6 Low2025-04-15
CVE-2025-26393 SolarWinds Service Desk Broken Access Control Vulnerability — Service DeskCWE-653 5.4 Medium2025-03-17
CVE-2024-52611 SolarWinds Platform Information Disclosure Vulnerability — SolarWinds PlatformCWE-209 3.5 Low2025-02-11
CVE-2024-52612 SolarWinds Platform Reflected Cross-Site Scripting Vulnerability — SolarWinds PlatformCWE-79 6.8 Medium2025-02-11

This page lists every published CVE security advisory associated with SolarWinds. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.