THREATNOIR
Subscribe
Back to Feed
VulnerabilitiesJun 5, 2026

‼️ CISA has added CVE-2026-28318 to the KEV Catalog https://t.co/9idGUAHIKd SolarWinds Serv-U c...

CISA adds SolarWinds Serv-U DoS vulnerability CVE-2026-28318 to KEV catalog

Read at source

Summary

CISA has added CVE-2026-28318 to its Known Exploited Vulnerabilities (KEV) catalog, marking a critical uncontrolled resource consumption flaw in SolarWinds Serv-U. The vulnerability allows attackers to crash the Serv-U service via specially crafted POST requests using the Content-Encoding: deflate header. This KEV listing indicates active exploitation in the wild and represents a significant threat requiring immediate patching.

Indicators of Compromise

  • cve — CVE-2026-28318

Entities

SolarWinds (vendor)Serv-U (product)CISA (vendor)