The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-28318 to its Known Exploited Vulnerabilities (KEV) catalog after confirming that threat actors are actively targeting a high-severity flaw in SolarWinds Serv-U to remotely crash file transfer servers without requiring authentication. The flaw CVE-2026-28318 is classified as an uncontrolled resource consumption flaw (CWE-400) in SolarWinds Serv-U, the company’s widely […]
The post CISA Warns of Exploited SolarWinds Serv-U Vulnerability appeared first on Cyber Security News.