Vulnerabilities3 min read
Serv-U Type Confusion Bug Enables Privileged Code Execution
CVE-2025-40540 is a critical type confusion vulnerability in SolarWinds Serv-U with CVSS 9.1. Attackers with admin access can execute arbitrary code.
Marcus ChenFeb 24, 2026