CISA Warns of SolarWinds Serv-U Vulnerability Exploited in Attacks

CISA added CVE-2026-28318 — an Uncontrolled Resource Consumption (CWE-400) flaw in SolarWinds Serv-U that allows unauthenticated remote attackers to crash the service via specially crafted POST requests with a Content-Encoding:deflate header — to its Known Exploited Vulnerabilities catalog; SolarWinds has released Serv-U 15.5.4 Hotfix 1 and organizations are urged to apply the patch, restrict exposure, monitor for anomalous POST requests, or disable unpatched instances.