SolarWinds Web Help Desk < 2026.1 - Unauthenticated JNDI Injection RCE CVE-2025-40551
- Severity
- EPSS Score
- EPSS Percentile
- Vulnerability description
- Not available
- Risk description
- Not available
- Recommendation
- Not available
- References
- https://horizon3.ai/attack-research/cve-2025-40551-another-solarwinds-web-help-desk-deserialization-issue/https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40551https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_2026-1_release_notes.htmhttps://nvd.nist.gov/vuln/detail/CVE-2025-40551
- Codename
- Not available
- Detectable with
- Network Scanner
- Scan engine
- Nuclei
- Cisa Kev
Yes- Exploitable with Sniper
- No
- CVE Published
- Jan 28, 2026
- Detection added at
- Software Type
- Not available
- Vendor
- Not available
- Product
- Not available
Detect this vulnerability now!
Check your clients' targets (or your own) for this vulnerability and thousands more! Get proof for validation with our ethical hacking toolkit.