SolarWinds Web Help Desk RCE Vulnerability Exploited
⚠️ The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-40551 — a critical remote code execution flaw in SolarWinds Web Help Desk — to its Known Exploited Vulnerabilities catalog after reports of active exploitation. The vendor patched multiple high-severity bugs on January 28 and assigned CVSS scores of 9.8. Administrators are urged to apply the vendor update to Web Help Desk 2026.1 immediately to mitigate unauthenticated deserialization and authentication-bypass risks.
