CISA warns of active exploitation of critical SolarWinds vulnerability
A critical remote-code-execution vulnerability CVE-2025-40551 in SolarWinds Web Help Desk is actively exploited; federal agencies must install the patch within three days.
Fresh SolarWinds Vulnerability Exploited in Attacks
Threat actors are actively exploiting an unauthenticated deserialization RCE in SolarWinds Web Help Desk (CVE-2025-40551); immediate patching is required.
CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog
A critical untrusted-data deserialization vulnerability in SolarWinds Web Help Desk (CVE-2025-40551) enables unauthenticated remote code execution and is actively exploited.