Bleepingcomputer
Critical Vulnerabilities in SolarWinds Serv-U Software Patched
First seen 24 Feb 2026, 17:11 UTC
•



+12
•87% similarity
•49.6
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
SolarWinds has issued security updates for four critical remote code execution vulnerabilities in its Serv-U software, which could allow attackers to gain root access to unpatched servers. The affected software is used for secure file transfers on Windows and Linux systems. The most severe flaw has been addressed in the latest release of Serv-U 15.5.4.
ThreatCluster AI
Timeline
2021-07-14
CVE-2021-35211 published
2024-06-06
CVE-2024-28995 published
2026-02-24
CVE-2025-40538 published
2026-02-24
Patch released for Serv-U vulnerabilities