HIGHVulnerability
Verified
Global
CISA KEV: SolarWinds Serv-U — SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability
·Source: CISA KEV
Updated:
Executive Summary
SolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST requests using the Content-Encoding: deflate header to crash the Serv-U service without authentication.
Analysis
SolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST requests using the Content-Encoding: deflate header to crash the Serv-U service without authentication. Added to CISA Known Exploited Vulnerabilities catalog on 2026-06-05. Remediation due: 2026-06-19.