{"vulnerability": "cve-2026-28318", "sightings": [{"uuid": "b9f811f1-8e8a-43d7-ab51-ba90a980079e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/solarwinds-security-advisory-av26-549", "content": "", "creation_timestamp": "2026-06-04T11:54:48.000000Z"}, {"uuid": "06d0a570-3628-48ba-8bc7-094128fcd6be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6665471", "content": "2026-06-05: [CVE-2026-28318] SolarWinds Serv-U Uncontrolled Resource Consumption VulnerabilitySolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST requests using the Content-Encoding: deflate header to crash the Serv-U service without authentication.\ncisakev", "creation_timestamp": "2026-06-05T17:46:15.513384Z"}, {"uuid": "db2110d6-530f-4ff7-bdd7-412c3b1c5b2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mnkpelghy22d", "content": "\ud83d\uded1 CVE-2026-28318\nSolarWinds Serv-U\nCVSS 7.5 / EPSS 0% / KEV\nTL;DR: SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U ser\u2026\nhttps://cvesentinel.com/report/CVE-2026-28318?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-06-05T17:53:06.327922Z"}, {"uuid": "33132aac-a004-44e2-98c5-578eaccb5cb6", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b00d5422-d924-4e37-a319-af4fa11ed523", "content": "", "creation_timestamp": "2026-06-05T18:00:02.558663Z"}, {"uuid": "e7f74639-711d-4edd-97b1-bf64df0adc2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/todb2.hugesuccess.org/post/3mnks2yssm6q2", "content": "w/r/t CVE-2026-28318 - I kinda like the mitigation guidance of \"well just block HTTP clients from sending `Content-encoding: deflate` on POSTs and you're good. Which sounded crazy to me, but is it?\n\nI know POSTs can be compressed, but I'd expect clients to use `gzip` pretty much exclusively. The [\u2026]", "creation_timestamp": "2026-06-05T18:42:19.552052Z"}, {"uuid": "3b7f448d-1160-40e1-bb3d-96ea20a93427", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/secdb.bsky.social/post/3mnkt4ofewr2o", "content": "\ud83d\udea8 CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0605)\n\n\u26a0\ufe0f CVE-2026-28318 - SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability\n\n\n#ZEN #SecDB #InfoSec #CISA_KEV", "creation_timestamp": "2026-06-05T19:00:14.048604Z"}, {"uuid": "3c480856-7e03-4888-a18c-cf7d2d1184c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mnkwmrimu72n", "content": "~Cisa~\nCISA added SolarWinds Serv-U vulnerability CVE-2026-28318 to its KEV catalog due to active exploitation.\n-\nIOCs: CVE-2026-28318\n-\n#CVE202628318 #SolarWinds #ThreatIntel", "creation_timestamp": "2026-06-05T20:02:55.769813Z"}, {"uuid": "f83a9a61-4c05-4b65-a84a-78f6d568bd4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnl2oh32kk2j", "content": "CISA says attackers are exploiting SolarWinds Serv-U CVE-2026-28318 to crash exposed servers via crafted POST requests. SolarWinds has issued Hotfix 1 for the denial-of-service flaw. #SolarWinds #ServU #CISA", "creation_timestamp": "2026-06-05T21:15:26.907444Z"}, {"uuid": "214979d9-b8b2-4012-8d65-f1232de5fca8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/cyberlensai.bsky.social/post/3mnli7wttdj22", "content": "CVE watch: CVE-2026-28318: SolarWinds Serv-U \u2014 SolarWinds Serv-U Uncontrolled\u2026\n\nCheck exposure, dependency, and agent/tool access before panic-patching. Inventory beats vibes.\n\nSource: cisa.gov\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2026-28318", "creation_timestamp": "2026-06-06T01:17:52.306365Z"}, {"uuid": "1711f9c7-5bc2-4c7f-b9a7-c05fac9dbba3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3mnlkspnd6i2j", "content": "CISA Adds One Known Exploited Vulnerability to Catalog\nCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-28318 SolarWinds Serv-U Uncontrolled\u2026\n\n\ud83d\udd17 https://hnow.live/a/0ddbd4c9", "creation_timestamp": "2026-06-06T02:04:10.004367Z"}, {"uuid": "3fadff03-fd77-4674-b71a-5d82611a5d15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-28318", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mnlw3fgpsz2g", "content": "\ud83d\udcf0 CISA Rilis Peringatan Darurat: Celah Keamanan SolarWinds Serv-U Eksploitasi Aktif untuk Melumpuhkan Server\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/06/06/isa-peringatkan-celah-solarwinds-serv-u-di-eksploitasi-untuk-crash-server/\n\n#cisa #cve-2026-28318 #denialOfService #ind", "creation_timestamp": "2026-06-06T05:25:51.956295Z"}, {"uuid": "9412f6ea-79b8-4d25-9925-71190687cc21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mnm77udcj4r2", "content": "CISA Warns of Exploited SolarWinds Serv-U Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-28318 to its Known Exploited Vulnerabilities (KEV) cata...\n\n#Cyber #Security #News #Cyber #security #news #vulnerability\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-06T08:09:30.622166Z"}, {"uuid": "f4978018-345a-4afc-bd14-5245d304f6bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mnma7l7qwd23", "content": "CISA Warns: SolarWinds Serv-U Zero-Day CVE-2026-28318 Actively Exploited \u2013 Patch Now or Face DoS Attacks! +\u00a0Video\n\nIntroduction: The SolarWinds Serv-U file transfer software, widely used for managed file transfer (MFT) across enterprises, has become the latest victim of active exploitation. CISA\u2026", "creation_timestamp": "2026-06-06T08:27:10.308468Z"}, {"uuid": "f8aefccd-dec2-43b9-8549-1aee2c1892b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mnmbo6pj2c2f", "content": "CISA added CVE-2026-28318 to KEV, citing active exploitation of a SolarWinds Serv-U DoS flaw that crashes the service via crafted unauthenticated POST requests.\n", "creation_timestamp": "2026-06-06T08:53:14.282003Z"}, {"uuid": "377d7225-6e8a-4b0f-808c-ead02cf04f21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://thehackernews.com/2026/06/cisa-adds-actively-exploited-solarwinds.html", "content": "The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting SolarWinds Serv-U  multi-protocol file server software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.\n\nThe vulnerability, tracked as CVE-2026-28318 (CVSS score: 7.5), is a denial-of-service (DoS) bug that causes the service to crash", "creation_timestamp": "2026-06-06T06:14:31.000000Z"}, {"uuid": "17d6bf0c-6ceb-4fab-a27c-07a75ccb2696", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mnmhldg3ph23", "content": "CISA Issues Emergency Directive: SolarWinds Serv-U Zero-Day Under Active Attack\u2014Patch by June 19! +\u00a0Video\n\nIntroduction: A critical unauthenticated Denial-of-Service (DoS) vulnerability in SolarWinds Serv-U (CVE-2026-28318) is now being actively exploited in the wild. This flaw allows any remote\u2026", "creation_timestamp": "2026-06-06T10:39:00.934094Z"}, {"uuid": "2a439f7b-1a09-4366-9d96-117572832d3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnmhwtcigl2z", "content": "CISA added CVE-2026-28318, an actively exploited DoS flaw in SolarWinds Serv-U, to its KEV catalog. SolarWinds has released a fix in 15.5.4 HF1. #SolarWinds #ServU #CISA", "creation_timestamp": "2026-06-06T10:45:27.033749Z"}, {"uuid": "b39bfb04-e623-4ffa-a3a6-9b7712602e03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mnmicnehlv2d", "content": "SolarWinds Serv-U\u306eDoS\u8106\u5f31\u6027(CVE-2026-28318)\u304cCISA KEV\u306b\u8ffd\u52a0\u3002\u653b\u6483\u8005\u306f\u30b5\u30fc\u30d3\u30b9\u3092\u30af\u30e9\u30c3\u30b7\u30e5\u3055\u305b\u308b\u3053\u3068\u304c\u53ef\u80fd\u3002", "creation_timestamp": "2026-06-06T10:52:03.007762Z"}, {"uuid": "62133dbe-6dde-42a6-9a3e-a24cff2b008a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mnmmdgtrph2g", "content": "CISA KEV Threat Alert:\u2026\ud83d\udea8 CRITICAL CISA KEV ALERT: Threat actors are actively exploiting CVE-2026-28318, an unauthenticated Denial of Service flaw crashing internet-exposed SolarWinds Serv-U instances using malformed HTTP POST requests. Federal mandate deadlines are set.\nhttps://thecybermind.co/h1gp", "creation_timestamp": "2026-06-06T12:04:04.458992Z"}, {"uuid": "de906ebd-cbb0-4580-99f6-717309b18ad6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mnmqmciivq2w", "content": "\ud83c\udfe2 BOARD-LEVEL CYBER RISK DIRECTIVE: Executive liability, cyber insurance compliance, and corporate data sovereignty face immediate exposure via active exploitation of SolarWinds Serv-U (CVE-2026-28318). Mandatory remediation actions are required by June 19, 2026. https://thecybermind.co/7t7p", "creation_timestamp": "2026-06-06T13:20:37.034668Z"}, {"uuid": "b2ac2884-0014-471f-aa59-2f093ae8a3ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnmzlbasn62c", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-28318\n\n\u2022 CVE ID: CVE-2026-28318\n\u2022 CVSS Score: 7.5 (High)\n\u2022 Affected: SolarWinds Serv-U \n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-06T16:01:06.361377Z"}, {"uuid": "5b8d5360-194b-42a2-bd3f-e4a120e99484", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mnpgzkbfl426", "content": "CISA adds critical SolarWinds Serv-U vulnerability (CVE-2026-28318) to KEV catalog. Immediate patching required to prevent active exploitation. #CyberSecurity #SolarWinds #CISA #Vulnerability Link: thedailytechfeed.com/critical-sol...", "creation_timestamp": "2026-06-07T15:07:03.584335Z"}, {"uuid": "9726d901-2b13-4ace-8b9e-c4bdc4ecbf8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mnq7dh3jxn2c", "content": "CISA\u304c\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\u30921\u4ef6\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0 \n\nCISA Adds One Known Exploited Vulnerability to Catalog  #CISA (Jun 5)\n\nCVE-2026-28318 SolarWinds Serv-U\u306e\u30ea\u30bd\u30fc\u30b9\u6d88\u8cbb\u5236\u5fa1\u4e0d\u80fd\u306e\u8106\u5f31\u6027 \n\nwww.cisa.gov/news-events/...", "creation_timestamp": "2026-06-07T22:22:04.707260Z"}, {"uuid": "06cb157d-d26e-4001-b18f-4ead979a171c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnrc5xywyb2n", "content": "CISA says attackers are exploiting a patched SolarWinds Serv-U flaw, CVE-2026-28318, via crafted POST requests that can crash the service. SolarWinds urges immediate upgrades. #SolarWinds #ServU #CISA", "creation_timestamp": "2026-06-08T08:45:22.707052Z"}, {"uuid": "b79e6f27-6721-4ca3-a0c6-26296dea2f67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://www.acn.gov.it/portale/w/solarwinds-sfruttamento-attivo-in-rete-della-cve-2026-28318", "content": "", "creation_timestamp": "2026-06-08T01:15:34.000000Z"}, {"uuid": "930b0cf0-cc35-4336-8b30-4c1c0fbaa18c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mnriaosjtc2r", "content": "CISA has added the critical SolarWinds Serv-U vulnerability (CVE-2026-28318) to its Known Exploited Vulnerabilities catalog, warning of active exploitation. This Uncontrolled Resource Consumption flaw allows unauthenticated attackers to crash the service via malicious HTTP requests.", "creation_timestamp": "2026-06-08T10:34:15.456227Z"}, {"uuid": "9e457c08-37c4-46ea-8847-5088cf541fc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/exiledev8668.bsky.social/post/3mnrhzqdldv2n", "content": "CISA flags SolarWinds Serv-U DoS (CVE-2026-28318) as actively exploited. The patch is table stakes. The real question: what privileged accounts are attached to that server, and does anyone actually know?", "creation_timestamp": "2026-06-08T10:30:22.134390Z"}, {"uuid": "70a4494c-68ae-44e7-8afb-f440bbef2676", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3mnri7ugsqs2g", "content": "CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)\n\n\ud83d\udcd6 REad more: www.helpnetsecurity.com/2026/06/08/c...\n\n#enterprise #filetransfer #government #vulnerability #cybersecurity #cybersecuritynews", "creation_timestamp": "2026-06-08T10:33:53.311296Z"}, {"uuid": "510f77e5-a67e-4a58-a836-a39f9976f270", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mnrmrxgm4c24", "content": "CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)\n\nwww.helpnetsecurity.com/2026/06/08/c...\n\n#Kyberturvallisuus #LaajaVaikutus #Haavoittuvuus", "creation_timestamp": "2026-06-08T11:55:33.983325Z"}, {"uuid": "e55a0f96-d614-428d-a049-e94a6c802e9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mns2gxazjf2l", "content": "\ud83d\udce2 CISA KEV ALERT! An actively exploited DoS flaw (CVE-2026-28318) in SolarWinds Serv-U is on the loose. Federal agencies must patch by June 19. All orgs using Serv-U are urged to update immediately! \ud83d\udea8 #CVE #SolarWinds #Infosec #PatchNow\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-08T15:59:53.875852Z"}, {"uuid": "91995b92-e6ce-4a88-a671-26bd73319dc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116715315438520529", "content": "\ud83d\udcf0 CISA Mandates Patch for Actively Exploited SolarWinds DoS Flaw Added to KEV Catalog\n\ud83d\udce2 CISA KEV ALERT! An actively exploited DoS flaw (CVE-2026-28318) in SolarWinds Serv-U is on the loose. Federal agencies must patch by June 19. All orgs using Serv-U are urged to update immediately! \ud83d\udea8 #CVE #SolarWinds #Infosec #PatchNow\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/cisa-orders-patch-for-actively-exploited-solarwinds-serv-u-dos-vulnerability/?utm_\u2026", "creation_timestamp": "2026-06-08T15:59:54.265788Z"}, {"uuid": "7942e281-bfae-4efe-889d-6441be594e98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mnsasfnyob22", "content": "CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation SolarWinds patches actively exploited Serv-U DoS bug CVE-2026-28318 while CISA adds it to the KEV catalog and orders remediation at...\n\n#Resources #CVE #Vulnerability #Alerts [\u2026] \n\n[Original post on dailysecurityreview.com]", "creation_timestamp": "2026-06-08T17:53:40.941807Z"}, {"uuid": "f107e935-655a-4a76-bd4c-8650a6cc0f3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mnswpy24f52o", "content": "CISA\uff1a\u30d1\u30c3\u30c1\u306b\u3088\u308aSolarWinds Serv-U\u306eDoS\u8106\u5f31\u6027\uff08CVE-2026-28318\uff09\u304c\u60aa\u7528\u3055\u308c\u307e\u3057\u305f \n\nCISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)  #HelpNetSecurity (Jun 8)\n\nwww.helpnetsecurity.com/2026/06/08/c...", "creation_timestamp": "2026-06-09T00:26:01.534383Z"}, {"uuid": "8021388a-ade0-41ae-93fc-7dd0f9870a3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mnszl2qolk2h", "content": "CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)\n\nA vulnerability (CVE-2026-28318) that can be exploited to crash SolarWinds Serv-U file transfer servers is being leveraged by attackers in the wild, the US Cybersecurity and Infrastructure Securit\u2026\n#hackernews #news", "creation_timestamp": "2026-06-09T01:16:57.375010Z"}, {"uuid": "21d9e792-5c1b-4bc5-9a2c-9507ba6734ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-28318", "type": "seen", "source": "https://bsky.app/profile/intelnightowl.bsky.social/post/3mntqv2em7u2d", "content": "US face SolarWinds Serv\u2011U DoS exploit CVE-2026-28318; patch deadline June 19 underscores #USA threat posture #UN #CyberSecurity #TechPolicy https://www.helpnetsecurity.com/2026/06/08/cisa-patch-actively-exploited-solarwinds-serv-u-dos-vulnerability-cve-2026-28318/", "creation_timestamp": "2026-06-09T08:14:09.032055Z"}, {"uuid": "ba55f30b-876e-4b86-8a43-9914991e8056", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-28318", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3mntyinmzox2t", "content": "\ud83d\udce2 CVE-2026-28318 : vuln\u00e9rabilit\u00e9 DoS dans SolarWinds Serv-U exploit\u00e9e activement\n\ud83d\udcdd ## \ud83d\uddd3\ufe0f Contexte\n\nSource : SecurityWeek, publi\u00e9 le 8 juin 2026.\nhttps://cyberveille.ch/posts/2026-06-09-cve-2026-28318-vulnerabilite-dos-dans-solarwinds-serv-u-exploitee-activement/ #CISA_KEV #Cyberveille", "creation_timestamp": "2026-06-09T10:30:28.424604Z"}, {"uuid": "787755c4-48b5-4f4b-8f0f-799d35f962e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116720911179613526", "content": "\ud83d\udcf0 CISA Mandates Patch for Actively Exploited SolarWinds DoS Flaw Added to KEV Catalog\n\ud83d\udce2 CISA KEV ALERT! An actively exploited DoS flaw (CVE-2026-28318) in SolarWinds Serv-U is on the loose. Federal agencies must patch by June 19. All orgs using Serv-U are urged to update immediately! \ud83d\udea8 #CVE #SolarWinds #Infosec #PatchNow\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/cisa-orders-patch-for-actively-exploited-solarwinds-serv-u-dos-vulnerability/?utm_\u2026", "creation_timestamp": "2026-06-09T15:43:15.179190Z"}, {"uuid": "a3105061-8715-459d-8d65-c254b67ac5b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mnujybl5aw2o", "content": "\ud83d\udce2 CISA KEV ALERT! An actively exploited DoS flaw (CVE-2026-28318) in SolarWinds Serv-U is on the loose. Federal agencies must patch by June 19. All orgs using Serv-U are urged to update immediately! \ud83d\udea8 #CVE #SolarWinds #Infosec #PatchNow\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-09T15:43:20.528978Z"}, {"uuid": "550a719d-c5ab-4092-9feb-02a3316767b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/getpacketai.bsky.social/post/3mnukwrns6n2d", "content": "CISA flags actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318) in KEV catalog\u2014organizations using Serv-U should prioritize patching.\n\nhttps://thehackernews.com/2026/06/cisa-adds-actively-exploited-solarwinds.html\n\n#cybersecurity #infosec", "creation_timestamp": "2026-06-09T16:00:23.473947Z"}, {"uuid": "5d936959-d315-400c-be02-24e721e2631b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnwalz446726", "content": "\ud83d\udea8 ACTIVE THREAT: CVE-2026-28318 (CVSS 9.1)\n\nPrivilege escalation in Microsoft Entra ID. Tenant-wide impact.\n\nAffects: Microsoft Entra, Azure AD\n\nIf you're running Microsoft Entra, check your patch status today.\n\n\ud83d\udee1\ufe0f Don't wait for the breach. Get your free vulnerability scan \u2192 securitycyber.uk\n\n#Cybe", "creation_timestamp": "2026-06-10T08:00:44.111732Z"}, {"uuid": "d43329fe-32b1-4984-843e-6d4fba924a2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnwplnodfc2x", "content": "Correction on our earlier CVE-2026-28318 alert.\n\nThe affected product was listed as \"SolarWinds Serv-U DoS\" \u2014 that's the vulnerability type, not the product name.\n\nCorrect: SolarWinds Serv-U. The flaw is an uncontrolled resource consumption issue causing denial of service. CVSS 7.5, CISA K", "creation_timestamp": "2026-06-10T12:28:58.250024Z"}, {"uuid": "19adf7e7-dc78-4530-9b98-2ad5447f3215", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnwqmq6uco2i", "content": "Quick correction on our earlier post: CVE-2026-28318 affects SolarWinds Serv-U, not Microsoft Entra ID as we stated. The NVD listing confirms it is a crafted POST request crash in Serv-U (CVSS 7.5, HIGH).\n\nWe got the product name wrong. That is on us. In this business, precision matters \u2014 if we cann", "creation_timestamp": "2026-06-10T12:47:28.167128Z"}, {"uuid": "4e357787-5bcd-465b-ba23-d7b4a717526f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/cyberowi.pl/post/3mnyy5f6k3z26", "content": "\ud83d\udea8 SolarWinds Serv-U: Luka DoS aktywnie wykorzystywana. Alert CVE-2026-28318\n\nLuka CVE-2026-28318 w SolarWinds Serv-U pozwala na zdalne wywo\u0142anie awarii us\u0142ugi. CISA potwierdza aktywne ataki i\n\nhttps://cyberowi.pl/solarwinds-serv-u-luka-dos-aktywnie-wykorzystywana-alert/\n\n#cyberbezpieczenstwo", "creation_timestamp": "2026-06-11T10:07:22.718165Z"}, {"uuid": "58df2029-1c7a-4674-a616-9f67b9e117c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "seen", "source": "https://bsky.app/profile/samilaiho.com/post/3mokq2q4cik2a", "content": "A Crash, Not a Shell: SolarWinds Serv-U CVE-2026-28318\nbishopfox.com/blog/a-crash...", "creation_timestamp": "2026-06-18T11:30:48.805969Z"}, {"uuid": "2e4b8177-93e1-4509-90b0-23c82adf596b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "published-proof-of-concept", "source": "Telegram/UP0bHdwN2udFarZFpAo4dW_5awpjME5BMssCjsrIyWufG1U", "content": "", "creation_timestamp": "2026-06-10T15:00:07.000000Z"}, {"uuid": "5fc6b964-8154-4b0e-8d45-23dd01915e16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "published-proof-of-concept", "source": "Telegram/cFwSQ27uOrqZ96YGVM-ku7YiP0UftFdUhE6IZpDdkcLlq7k", "content": "", "creation_timestamp": "2026-06-13T03:00:05.000000Z"}, {"uuid": "81de02f1-b65b-4665-8430-2111de1d80cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "exploited", "source": "Telegram/RjFtPT0Qt3W0A0xNEsz-oWGIM9AmnTe6qgjGlCecqaERag", "content": "", "creation_timestamp": "2026-06-06T16:17:46.000000Z"}, {"uuid": "7c7c0047-0440-4a6f-b813-824b1b8000e5", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/201a6287-73ac-44f1-ad01-3e8f8deb3798", "content": "", "creation_timestamp": "2026-06-19T12:45:09.782720Z"}, {"uuid": "fd218950-c0da-46ce-8ba5-0d002d0b0323", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28318", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0ab957d4-f6b3-43d3-a77c-8866fbe67fcb", "content": "", "creation_timestamp": "2026-06-23T14:03:01.617503Z"}]}