Back to Live Pulse
High
Serv-u
Uncontrolled Resource Consumption

CVE-2026-28318

Description

SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure customer environments in the SolarWinds Trust Center if you are unable to deploy the update

Proof of Concept (POC) Links

Explore how this vulnerability can be reproduced or exploited.