Critical Vulnerabilities in SolarWinds Serv-U Software Patched

Critical Vulnerabilities in SolarWinds Serv-U Software Patched

First seen 24 Feb 2026, 17:11 UTC BleepingcomputerPetriTheregisterSecurityaffairs.CoSecurityaffairs+12 87% similarity 49.6

Article Content

Browse articles
ThreatCluster

SolarWinds has issued security updates for four critical remote code execution vulnerabilities in its Serv-U software, which could allow attackers to gain root access to unpatched servers. The affected software is used for secure file transfers on Windows and Linux systems. The most severe flaw has been addressed in the latest release of Serv-U 15.5.4.

ThreatCluster AI

Timeline

2021-07-14
CVE-2021-35211 published
2024-06-06
CVE-2024-28995 published
2026-02-24
CVE-2025-40538 published
2026-02-24
Patch released for Serv-U vulnerabilities

Community

Browse all →