SolarWinds CVE coverage for IT operations, monitoring, service management, file-transfer, and MSP-adjacent tooling.
Vendor watch hub
The SolarWindswatch hub is a vendor-specific view inside ITECS MSP Threat Radar. We pull the latest security advisories, incidents, and known-exploited CVEs directly from the official feeds below, score each one for MSP relevance, and surface what's most likely to need attention this week.
At a glance
Tracked
Active
Featured
Unique CVEs
Most recent entry
Mar 8, 2026, 7:00 PM
Feed refreshes daily · 5:15 a.m. Central
Sources·CISA KEV and NVD (product vendor coverage)
"Most recent entry" is the newest item the upstream feed has published — not our sync time.
Watch items
Showing the 10 most recent items, newest first. Each row links to the official advisory.
10 rows · sorted newest first
Operations viewSolarWinds Web Help Desk contain a deserialization of untrusted data vulnerability in AjaxProxy that could allow an attacker to run commands on the host machine.
SolarWinds Web Help Desk contains a security control bypass vulnerability that could allow an unauthenticated attacker to gain access to certain restricted functionality.
SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
SolarWinds Web Help Desk contains a hardcoded credential vulnerability that could allow a remote, unauthenticated user to access internal functionality and modify data.
SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could allow for remote code execution.
SolarWinds Serv-U contains a path traversal vulnerability that allows an attacker access to read sensitive files on the host machine.
SolarWinds Serv-U versions 15.2.5 and earlier contain an improper input validation vulnerability that allows attackers to build and send queries without sanitization.
SolarWinds Serv-U contains an unspecified memory escape vulnerability which can allow for remote code execution. Known ransomware use: Known.
SolarWinds Orion API contains an authentication bypass vulnerability that could allow a remote attacker to execute API commands.
SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by "sudo cat /etc/passwd."
| Alert | Exposure | Status | Published | Source |
|---|---|---|---|---|
SolarWinds Web Help Desk Deserialization of Untrusted Data VulnerabilitySolarWinds Web Help Desk contain a deserialization of untrusted data vulnerability in AjaxProxy that could allow an attacker to run commands on the host machine. Web Help Desk | criticalCVE-2025-26399 Critical | active | Mar 8, 2026, 7:00 PM | CISA KEVOpen source |
SolarWinds Web Help Desk Security Control Bypass VulnerabilitySolarWinds Web Help Desk contains a security control bypass vulnerability that could allow an unauthenticated attacker to gain access to certain restricted functionality. Web Help Desk | criticalCVE-2025-40536 Critical | active | Feb 11, 2026, 6:00 PM | CISA KEVOpen source |
SolarWinds Web Help Desk Deserialization of Untrusted Data VulnerabilitySolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication. Web Help Desk | criticalCVE-2025-40551 Critical | active | Feb 2, 2026, 6:00 PM | CISA KEVOpen source |
SolarWinds Web Help Desk Hardcoded Credential VulnerabilitySolarWinds Web Help Desk contains a hardcoded credential vulnerability that could allow a remote, unauthenticated user to access internal functionality and modify data. Web Help Desk | criticalCVE-2024-28987 Critical | active | Oct 14, 2024, 7:00 PM | CISA KEVOpen source |
SolarWinds Web Help Desk Deserialization of Untrusted Data VulnerabilitySolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could allow for remote code execution. Web Help Desk | criticalCVE-2024-28986 Critical | active | Aug 14, 2024, 7:00 PM | CISA KEVOpen source |
SolarWinds Serv-U Path Traversal VulnerabilitySolarWinds Serv-U contains a path traversal vulnerability that allows an attacker access to read sensitive files on the host machine. Serv-U | criticalCVE-2024-28995 Critical | active | Jul 16, 2024, 7:00 PM | CISA KEVOpen source |
SolarWinds Serv-U Improper Input Validation VulnerabilitySolarWinds Serv-U versions 15.2.5 and earlier contain an improper input validation vulnerability that allows attackers to build and send queries without sanitization. Serv-U | criticalCVE-2021-35247 Critical | active | Jan 20, 2022, 6:00 PM | CISA KEVOpen source |
SolarWinds Serv-U Remote Code Execution VulnerabilitySolarWinds Serv-U contains an unspecified memory escape vulnerability which can allow for remote code execution. Known ransomware use: Known. Serv-U | criticalCVE-2021-35211 Critical | active | Nov 2, 2021, 7:00 PM | CISA KEVOpen source |
SolarWinds Orion Authentication Bypass VulnerabilitySolarWinds Orion API contains an authentication bypass vulnerability that could allow a remote attacker to execute API commands. Orion | criticalCVE-2020-10148 Critical | active | Nov 2, 2021, 7:00 PM | CISA KEVOpen source |
virtualization manager vulnerability (CVE-2016-3643)SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by "sudo cat /etc/passwd." virtualization manager | HIGHCVE-2016-3643 Critical | active | Jun 17, 2016, 10:59 AM | CISA KEVOpen source |
ITECS response pathways
These pathways connect the vendor watch feed into service-owner resources that already carry commercial authority.
Use the network monitoring pathway when this vendor alert needs an ITECS-managed response plan.
Connect the vendor watch page to broader managed detection, response, and governance planning.
Translate current watch items into a faster risk snapshot and prioritized remediation plan.
Return to the hub for cross-vendor prioritization, live filtering, and broader MSP threat context.
Vendor watch FAQ
It is the SolarWinds-specific view inside ITECS Threat Radar, built to track recent advisories, incidents, and watch items that may affect Dallas-area business operations.
Use it to confirm whether current SolarWinds issues overlap with your environment, prioritize remediation, and decide whether you need an assessment, managed security follow-through, or vendor-specific hardening work.
Yes. ITECS can help map SolarWinds advisories against your systems, validate affected services, prioritize remediation, and connect the issue to broader managed cybersecurity or managed IT workflows.