Vulnerabilities in SolarWinds
191 resultsCVE-2024-52612MEDIUMSolarWinds Platform Reflected Cross-Site Scripting VulnerabilityEPSS 0.5%CVE-2021-35236LOWMissing Secure Flag From SSL CookieEPSS 0.5%CVE-2025-40538CRITICALSolarWinds Serv-U Broken Access Control Remote Code Execution VulnerabilityEPSS 0.5%CVE-2024-45709MEDIUMSolarWinds Web Help Desk Local File Read VulnerabilityEPSS 0.5%CVE-2024-28990MEDIUMSolarWinds Access Rights Manager (ARM) Hardcoded Credentials Authentication Bypass VulnerabilityEPSS 0.5%CVE-2024-29000HIGHSolarWinds Platform Reflected XSS VulnerabilityEPSS 0.5%CVE-2021-35227MEDIUMInsecure Web Configuration for RabbitMQ Management Plugin in SolarWinds ARMEPSS 0.5%CVE-2023-23841HIGHSolarWinds Serv-U Exposure of Sensitive Information VulnerabilityEPSS 0.5%CVE-2023-33231MEDIUMXSS in SolarWinds Database Performance Analyzer 2023.2EPSS 0.5%CVE-2021-35226MEDIUMHashed Credential Exposure VulnerabilityEPSS 0.4%CVE-2025-40540CRITICALSolarWinds Serv-U Type Confusion Remote Code Execution VulnerabilityEPSS 0.4%CVE-2025-40539CRITICALSolarWinds Serv-U Type Confusion Remote Code Execution VulnerabilityEPSS 0.4%CVE-2023-33228MEDIUMSolarWinds Network Configuration Manager Sensitive Information Disclosure VulnerabilityEPSS 0.4%CVE-2021-27240HIGHThis vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Patch Manager 2020.2.1. An attackerEPSS 0.4%CVE-2023-40061HIGHInsecure Job Execution Mechanism Vulnerability EPSS 0.4%CVE-2026-28299HIGHSolarWinds Web Help Desk Denial-of-Service VulnerabilityEPSS 0.4%CVE-2025-26391MEDIUMSolarWinds Observability Self-Hosted XSS VulnerabilityEPSS 0.4%CVE-2022-38112HIGHSensitive Information Disclosure VulnerabilityEPSS 0.4%CVE-2022-36966MEDIUMInsecure Direct Object Reference Vulnerability: Orion Platform 2020.2.6EPSS 0.4%CVE-2022-38110MEDIUMReflected Cross-Site Scripting VulnerabilityEPSS 0.4%