CISA has added a high-severity denial-of-service vulnerability (CVE-2026-28318) affecting SolarWinds Serv-U file server software to its Known Exploited Vulnerabilities catalog due to evidence of active exploitation in the wild. The flaw, with a CVSS score of 7.5, can cause the service to crash, potentially disrupting critical file transfer operations for enterprise organizations.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting SolarWinds Serv-U multi-protocol file server software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-28318 (CVSS score: 7.5), is a denial-of-service (DoS) bug that causes the service to crash
Originally published at thehackernews.com
60-minute technical evaluation, no obligation. We'll map the ideas in this article to your environment.
