Cyber Resilience

← All vendors

Solarwinds

CPE vendor key: solarwinds · 57 CVEs published in the last 24 months.

CVEs (365 d)
26
 
Avg CVSS (365 d)
8.29
over 26 CVEs
Avg EPSS pct (365 d)
0.50
higher = more likely exploited
KEV hit rate (365 d)
15.4%
4 of 26 added to CISA KEV
LLM-credited CVEs
0
 

Monthly CVE volume — last 24 months

202420252026013
Each point is one calendar month. Bars in the severity card to the right slice the same volume by CVSS band.

Severity mix

CritHighMedLow
Stacked by CVSS band (Critical / High / Medium / Low) using the best available metric per CVE.

Top affected products (24 mo)

access_rights_manager
15
web_help_desk
14
serv-u
11
observability_self-hosted
8
solarwinds_platform
6
kiwi_cattools
1
database_performance_analyze
1
ftp_voyager
1
Distinct CVEs that include each product in their CPE configuration.

Top CWEs (24 mo)

CWE-22
11
CWE-79
9
CWE-502
8
CWE-798
5
CWE-287
4
CWE-704
3
CWE-209
2
CWE-601
2
CWE-269
2
CWE-1390
2
Distinct CVEs assigned each weakness.

Recent CISA KEV adds (last 12 months)

AddedCVEProductKEV name
2026-06-05CVE-2026-28318Serv-USolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability
2026-03-09CVE-2025-26399Web Help DeskSolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability
2026-02-12CVE-2025-40536Web Help DeskSolarWinds Web Help Desk Security Control Bypass Vulnerability
2026-02-03CVE-2025-40551Web Help DeskSolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability
Filtered to KEV rows where the CISA vendor name matches this vendor, to drop cross-OS noise (e.g. third-party Windows apps that CPE-map to Microsoft).

LLM-credited CVEs from this vendor

No LLM-credited CVEs for this vendor yet.

From mythos_attributed_cves: CVEs whose NVD description or vendor advisory credits an LLM-assisted discovery. Confidence is high for every row.

Generated 19 June 2026 13:18 UTC <span class="time-ago" data-iso="2026-06-19T13:18:30Z"></span>.