> TritonInfoSec News
Home / Feb 26, 2026 / Story
0
#5 SecurityWeek general February 25, 2026 at 15:30 UTC

SolarWinds Patches Four Critical Serv-U Vulnerabilities

By Ionut Arghire

AI Summary

SolarWinds patched four critical Serv-U 15.5 vulnerabilities (CVE-2025-40538, CVE-2025-40539, CVE-2025-40540, CVE-2025-40541) all rated 9.1 CVSS, that could allow remote code execution with administrative privileges. The flaws include broken access control allowing system admin user creation and arbitrary code execution on affected file transfer servers.

Read full article → https://www.securityweek.com/solarwinds-patches-fo…

Relevance score: 88.0/100

# More from February 26

  1. 1
    Five Eyes allies warn hackers are actively exploiting Cisco SD-WAN flaws
  2. 2
    Critical Cisco SD-WAN bug exploited in zero-day attacks since 2023 BleepingComputer
  3. 3
    Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries The Hacker News
  4. 4
    Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker The Hacker News
  5. 6
    Fake Next.js job interview tests backdoor developer's devices BleepingComputer
  6. 7
    CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability The Hacker News
  7. 8
    Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware The Hacker News
  8. 9
    Health insurance tech provider TriZetto says more than 3 million impacted by 2024 breach
  9. 10
    Over 12 Million Users Impacted by CarGurus Data Breach SecurityWeek