THREATOPS
THREAT OPSCVEs › CVE-2026-28318

CVE-2026-28318 — SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability

CISA KEVExploited: confirmedSolarWinds

SolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST requests using the Content-Encoding: deflate header to crash the Serv-U service without authentication.

Vulnerability details

Related reporting