CISA Warns of Exploited SolarWinds Serv-U Vulnerability

**Executive summary:** CISA added CVE-2026-28318 — an unauthenticated uncontrolled resource consumption (DoS) flaw in SolarWinds Serv-U exploitable via a malformed HTTP POST with Content-Encoding:deflate — to its KEV catalog after confirming active targeting; SolarWinds released Serv-U 15.5.4 Hotfix 1, but thousands of internet-exposed instances remain vulnerable, so organizations should apply the hotfix, audit deployments, and implement WAF/proxy mitigations.