CVE-2026-28318: SolarWinds Serv-U Uncontrolled Resource Consumption
SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability. SolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST requests using the Content-Encoding: deflate header to crash the Serv-U service without authentication.
- CISA KEV-listed (remediation due 2026-06-19)
- EPSS 7.8% (92.2% percentile)