CISA Urges Patching Actively Exploited SolarWinds Serv-U DoS Vulnerability (CVE-2026-28318)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed that a denial-of-service vulnerability (CVE-2026-28318) in SolarWinds Serv-U file transfer servers is being actively exploited by attackers. CISA has directed U.S. federal civilian agencies to apply the available patch or implement mitigations by June 19, 2026. The flaw allows remote, unauthenticated attackers to crash the service by sending crafted HTTP POST requests.
Want more?
Open NewsSnap.ai for the full app experience, including audio, personalization, and more news tools.