Back to Live Pulse
HighServ-uUncontrolled Resource Consumption
CVE-2026-28318
Description
SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure customer environments in the SolarWinds Trust Center if you are unable to deploy the update
Proof of Concept (POC) Links
Explore how this vulnerability can be reproduced or exploited.