CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)
Mon Jun 08 2026
Government
Patch Management
Vulnerability
www.helpnetsecurity.com
A vulnerability (CVE-2026-28318) that can be exploited to crash SolarWinds Serv-U file transfer servers is being leveraged by attackers in the wild, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Friday. The agency has ordered US federal civilian agencies to address it by June 19, 2026, either by implementing a patch or implementing mitigations. About CVE-2026-28318 CVE-2026-28318 is an uncontrolled resource consumption vulnerability that can be triggered by remote, unauthenticated attackers. The flaw … More →
The post CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318) appeared first on Help Net Security.