CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Mar 12, 2026
Description
SolarWinds Web Help Desk contain a deserialization of untrusted data vulnerability in AjaxProxy that could allow an attacker to run commands on the host machine.
EPSS — Exploit Probability
Higher than 96.5% of all CVEs
Required Action
https://www.solarwinds.com/trust-center/security-advisories/cve-2025-26399 ; https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_12-8-7-hotfix-1_release_notes.htm ; https://nvd.nist.gov/vuln/detail/CVE-2025-26399
Related Articles (3)
CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited
CISA adds 3 exploited flaws—SolarWinds, Ivanti, Workspace One—to KEV after attacks, forcing federal patch deadlines in March 2026.
Mar 10, 2026
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
Mar 9, 2026
Recent Ivanti Endpoint Manager Flaw Exploited in Attacks
CISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs.
Mar 10, 2026
Risk Assessment
ELEVATEDDetails
- Severity
- High
- EPSS
- 28.8%
- CISA KEV
- Yes
- Ransomware
- Unknown
- Articles
- 3
Timeline
Published
Mar 9, 2026
Added to KEV
Mar 9, 2026
Remediation Due
Mar 12, 2026