CISA Adds SolarWinds Serv-U Resource Consumption Vulnerability to KEV Catalog
CISA has added CVE-2026-28318, an uncontrolled resource consumption vulnerability in SolarWinds Serv-U, to its Known Exploited Vulnerabilities catalog due to evidence of active exploitation. The vulnerability is flagged as a frequent attack vector posing significant risk to federal systems. CISA recommends all organizations prioritize patching this vulnerability as part of their vulnerability management practices.
Why it matters in Western Canada: SolarWinds Serv-U is commonly deployed in Canadian organizations across government, healthcare, and education sectors. Active exploitation of this vulnerability could impact Western Canadian institutions managing file transfer and remote access systems.
CVEs: CVE-2026-28318
Summary generated from the original advisory. Read the full source: cisa-advisories
- Source
- https://www.cisa.gov/news-events/alerts/2026/06/05/cisa-adds-one-known-exploited-vulnerability-catalog
- CVEs
- CVE-2026-28318
- Tags
- solarwinds, serv-u, resource-consumption, active-exploitation, patch-urgent
- Provenance
- mask2-ti-pipeline (AI-assisted, human-reviewable)