CVE-2025-40551CRITICAL · 9.8TrackedCISA KEV

SolarWinds · Web Help Desk

SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.

Disclosed

2026-01-28

133 days ago

Status

no honeypot capture yet

on CISA KEV — watching

7-day events

across 0 distinct IPs

7-day spread

0 ASN · 0 cty

0 active days

Top ASNs

No events captured yet.

Top countries

No events captured yet.

References

https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40551
https://nvd.nist.gov/vuln/detail/CVE-2025-40551

↗ NVD ↗ CISA KEV ↗ Search analyses