CISA Warns of Actively Exploited SolarWinds Serv-U Vulnerability
Critical Serv-U flaw CVE-2026-28318 added to CISA's catalog. Patch urgently to prevent remote crashes via malicious POST requests.
By Content Team
CISA added a critical SolarWinds Serv-U flaw, CVE-2026-28318, to its Known Exploited Vulnerabilities catalog on June 5, 2026, with a remediation deadline of June 19 for federal agencies.
The vulnerability lets unauthenticated attackers crash Serv-U file transfer software remotely by sending a malicious POST request with a Content-Encoding: deflate header — no credentials required. That zero-privilege, network-accessible attack path makes it especially dangerous for organizations with Serv-U exposed to the internet.
SolarWinds has released a fix in version 15.5.4 Hotfix 1. All organizations should patch immediately, restrict Serv-U exposure behind a firewall or VPN, and monitor logs for suspicious POST requests.
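One way to act on the log-monitoring advice above, as an added example that is not from the original article or from SolarWinds: it scans access-log lines for POST requests whose Content-Encoding lists deflate and raises their priority when 5xx responses follow within a minute. The JSON log format, its field names and the sample lines are constructed assumptions (for instance a reverse proxy in front of Serv-U), not Serv-U's own log format.

```python
import json
from datetime import datetime, timedelta

# Constructed sample: JSON access-log lines from a hypothetical reverse proxy
# in front of Serv-U. Field names are assumptions, not a Serv-U log format.
SAMPLE_LOG = """\
{"ts":"2026-06-06T10:00:01","src":"198.51.100.7","method":"GET","content_encoding":"","status":200}
{"ts":"2026-06-06T10:00:05","src":"203.0.113.9","method":"POST","content_encoding":"Deflate","status":502}
{"ts":"2026-06-06T10:00:09","src":"198.51.100.7","method":"GET","content_encoding":"","status":502}
{"ts":"2026-06-06T10:03:00","src":"198.51.100.8","method":"POST","content_encoding":"gzip","status":200}
not-json garbage line
{"ts":"2026-06-06T11:00:00","src":"203.0.113.20","method":"POST","content_encoding":"gzip, deflate","status":200}
"""

def has_deflate(value):
    """True if a Content-Encoding value lists deflate (case-insensitive, comma list)."""
    return "deflate" in [t.strip().lower() for t in (value or "").split(",")]

def find_suspicious(log_text, outage_window=timedelta(seconds=60)):
    """Return POST+deflate hits, marking those followed by 5xx responses
    within outage_window (a sign the backend may have stopped answering)."""
    events = []
    for line in log_text.splitlines():
        try:
            e = json.loads(line)
            e["t"] = datetime.fromisoformat(e["ts"])
        except (ValueError, KeyError, TypeError):
            continue  # skip malformed lines instead of aborting the scan
        events.append(e)
    events.sort(key=lambda e: e["t"])
    hits = []
    for i, e in enumerate(events):
        if e.get("method", "").upper() != "POST" or not has_deflate(e.get("content_encoding")):
            continue
        errors_after = sum(
            1 for later in events[i + 1:]
            if later["t"] - e["t"] <= outage_window and int(later.get("status", 0)) >= 500
        )
        hits.append({"ts": e["ts"], "src": e.get("src"), "errors_after": errors_after,
                     "priority": "high" if errors_after else "review"})
    return hits

if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG):
        print(hit)
```

A "review" hit is only a request matching the advisory's pattern; a "high" hit is the same pattern followed by server errors, which is worth checking against service restart or crash records.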
Source: Cybersecurity News