CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog

CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog

/in

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog, flagging it as actively exploited in attacks.
The vulnerability, tracked as CVE-2025-40551 (CVSS score: 9.8), is a untrusted data deserialization vulnerability that could pave the way for remote

The Hacker News – ​Read More