CVE Details
CVE-2026-28318
SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability
Published: 2026-06-05
CVSS: 7.5 HIGH
Product: SolarWinds Serv-U
Due Date: 2026-06-19
SolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST requests using the Content-Encoding: deflate header to crash the Serv-U service without authentication.
GitHub PoC
Warning: GitHub PoC repositories are unverified. Some may be fake or contain malware. Use caution and review code before running anything.
No GitHub PoC data.
FIRST EPSS
EPSS estimates the probability of exploitation in the next 30 days. Higher values indicate higher likelihood of real-world exploitation.
No EPSS data.
| Key | Remaining Key | Value |
|---|---|---|
| dataType | | CVE_RECORD |
| dataVersion | | 5.2 |
| cveMetadata > | cveId | CVE-2026-28318 |
| cveMetadata > | assignerOrgId | 49f11609-934d-4621-84e6-e02e032104d6 |
| cveMetadata > | state | PUBLISHED |
| cveMetadata > | assignerShortName | SolarWinds |
| cveMetadata > | dateReserved | 2026-02-26T14:46:41.520Z |
| cveMetadata > | datePublished | 2026-06-04T14:05:58.218Z |
| cveMetadata > | dateUpdated | 2026-06-04T15:12:33.510Z |
| containers > | cna > affected > 0 > defaultStatus | unaffected |
| containers > | cna > affected > 0 > platforms > 0 | Windows |
| containers > | cna > affected > 0 > platforms > 1 | Linux |
| containers > | cna > affected > 0 > product | Serv-U |
| containers > | cna > affected > 0 > vendor | SolarWinds |
| containers > | cna > affected > 0 > versions > 0 > status | affected |
| containers > | cna > affected > 0 > versions > 0 > version | 15.5.4 and previous versions |
| containers > | cna > descriptions > 0 > lang | en |
| containers > | cna > descriptions > 0 > supportingMedia > 0 > base64 | False |
| containers > | cna > descriptions > 0 > supportingMedia > 0 > type | text/html |
| containers > | cna > descriptions > 0 > supportingMedia > 0 > value | SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure customer environments in the SolarWinds Trust Center if you are unable to deploy the update <br> |
| containers > | cna > descriptions > 0 > value | SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure customer environments in the SolarWinds Trust Center if you are unable to deploy the update |
| containers > | cna > impacts > 0 > capecId | CAPEC-469 |
| containers > | cna > impacts > 0 > descriptions > 0 > lang | en |
| containers > | cna > impacts > 0 > descriptions > 0 > value | CAPEC-469 HTTP DoS |
| containers > | cna > metrics > 0 > cvssV3_1 > attackComplexity | LOW |
| containers > | cna > metrics > 0 > cvssV3_1 > attackVector | NETWORK |
| containers > | cna > metrics > 0 > cvssV3_1 > availabilityImpact | HIGH |
| containers > | cna > metrics > 0 > cvssV3_1 > baseScore | 7.5 |
| containers > | cna > metrics > 0 > cvssV3_1 > baseSeverity | HIGH |
| containers > | cna > metrics > 0 > cvssV3_1 > confidentialityImpact | NONE |
| containers > | cna > metrics > 0 > cvssV3_1 > integrityImpact | NONE |
| containers > | cna > metrics > 0 > cvssV3_1 > privilegesRequired | NONE |
| containers > | cna > metrics > 0 > cvssV3_1 > scope | UNCHANGED |
| containers > | cna > metrics > 0 > cvssV3_1 > userInteraction | NONE |
| containers > | cna > metrics > 0 > cvssV3_1 > vectorString | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| containers > | cna > metrics > 0 > cvssV3_1 > version | 3.1 |
| containers > | cna > metrics > 0 > format | CVSS |
| containers > | cna > metrics > 0 > scenarios > 0 > lang | en |
| containers > | cna > metrics > 0 > scenarios > 0 > value | GENERAL |
| containers > | cna > problemTypes > 0 > descriptions > 0 > cweId | CWE-400 |
| containers > | cna > problemTypes > 0 > descriptions > 0 > description | CWE-400 Uncontrolled Resource Consumption |
| containers > | cna > problemTypes > 0 > descriptions > 0 > lang | en |
| containers > | cna > problemTypes > 0 > descriptions > 0 > type | CWE |
| containers > | cna > providerMetadata > orgId | 49f11609-934d-4621-84e6-e02e032104d6 |
| containers > | cna > providerMetadata > shortName | SolarWinds |
| containers > | cna > providerMetadata > dateUpdated | 2026-06-04T14:05:58.218Z |
| containers > | cna > references > 0 > url | https://www.solarwinds.com/trust-center/security-advisories/CVE-2026-28318 |
| containers > | cna > references > 1 > url | https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4-hotfix-1_release_notes.htm |
| containers > | cna > solutions > 0 > lang | en |
| containers > | cna > solutions > 0 > supportingMedia > 0 > base64 | False |
| containers > | cna > solutions > 0 > supportingMedia > 0 > type | text/html |
| containers > | cna > solutions > 0 > supportingMedia > 0 > value | Upgrade to SolarWinds Serv-U 15.5.4 Hotfix 1. Use the mitigation steps until the upgrade is possible. |
| containers > | cna > solutions > 0 > value | Upgrade to SolarWinds Serv-U 15.5.4 Hotfix 1. Use the mitigation steps until the upgrade is possible. |
| containers > | cna > source > discovery | UNKNOWN |
| containers > | cna > title | SolarWinds Serv-U Unauthenticated Denial of Service Vulnerability |
| containers > | cna > workarounds > 0 > lang | en |
| containers > | cna > workarounds > 0 > supportingMedia > 0 > base64 | False |
| containers > | cna > workarounds > 0 > supportingMedia > 0 > type | text/html |
| containers > | cna > workarounds > 0 > supportingMedia > 0 > value | Block any POST requests containing 'Content-Encoding: deflate'. This function is not required for SolarWinds Serv-U. <br> |
| containers > | cna > workarounds > 0 > value | Block any POST requests containing 'Content-Encoding: deflate'. This function is not required for SolarWinds Serv-U. |
| containers > | cna > x_generator > engine | Vulnogram 0.1.0-dev |
| containers > | adp > 0 > metrics > 0 > other > type | ssvc |
| containers > | adp > 0 > metrics > 0 > other > content > timestamp | 2026-06-04T15:09:27.647219Z |
| containers > | adp > 0 > metrics > 0 > other > content > id | CVE-2026-28318 |
| containers > | adp > 0 > metrics > 0 > other > content > options > 0 > Exploitation | none |
| containers > | adp > 0 > metrics > 0 > other > content > options > 1 > Automatable | yes |
| containers > | adp > 0 > metrics > 0 > other > content > options > 2 > Technical Impact | partial |
| containers > | adp > 0 > metrics > 0 > other > content > role | CISA Coordinator |
| containers > | adp > 0 > metrics > 0 > other > content > version | 2.0.3 |
| containers > | adp > 0 > title | CISA ADP Vulnrichment |
| containers > | adp > 0 > providerMetadata > orgId | 134c704f-9b21-4f2e-91b3-4a467353bcc0 |
| containers > | adp > 0 > providerMetadata > shortName | CISA-ADP |
| containers > | adp > 0 > providerMetadata > dateUpdated | 2026-06-04T15:12:33.510Z |