The Hacker News

SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw

The vulnerability, tracked as CVE-2025-26399 (CVSS score: 9.8), has been described as an instance of deserialization of ...
CSO Online

SolarWinds fixes Web Help Desk patch bypass for actively exploited flaw — again

Third time’s the charm?’ asks a prominent security researcher after what appears to be the same critical Java deserialization ...

Third time's the charm? SolarWinds (again) patches critical Web Help Desk RCE

Then in October 2024, SolarWinds disclosed and tried to patch CVE-2024-28988, another 9.8-rated Web Help Desk Java ...
Computer Weekly

SolarWinds warns over dangerous RCE flaw

A newly-uncovered RCE flaw in SolarWinds' helpdesk product bypasses two previously-issued fixes, and users should prioritise ...
Cyber Daily

SolarWinds releases third Web Help Desk patch to address known flaw

Exploitation of the latest patch bypass vulnerability is “only a matter of time”, according to one security expert.