Vulnerabilities3 min read
CISA Adds SolarWinds Serv-U Flaw to KEV After Active Exploitation
CVE-2026-28318 lets unauthenticated attackers crash SolarWinds Serv-U servers via malformed POST requests. CISA sets June 19 federal deadline after confirming active exploitation.
Marcus ChenJun 7, 2026