🔥 This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)
CVE-2025-26399: SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability
Summary
SolarWinds Web Help Desk has a deserialization of untrusted data vulnerability (a flaw where the software accepts and processes untrusted information in a way that lets attackers run malicious code) in a component called AjaxProxy that could allow attackers to execute commands on the affected computer. This vulnerability is being actively exploited in the wild.
Solution / Mitigation
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Refer to the SolarWinds security advisory and Web Help Desk 12.8.7 Hotfix 1 release notes for specific details.
Vulnerability Details
EPSS: 34.2%
🔥 Actively Exploited
Classification
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-26399
First tracked: March 9, 2026 at 04:00 PM
Classified by LLM (prompt v3) · confidence: 95%