THE SecurityWeek report warns of a critical-severity vulnerability in SolarWinds Web Help Desk (WHD), tracked as CVE-2025-40551 with a CVSS of 9.8, which can allow unauthenticated remote code execution through untrusted data deserialization. The flaw affects the WHD ticketing, service and asset management solution, and was patched last week with SolarWinds releasing WHD version 2026.1, along with fixes for five other issues.
According to CISA, the vulnerability has been exploited in the wild, and it was added to the Known Exploited Vulnerabilities (KEV) catalog, with federal agencies urged to patch within three days. The article also notes that the KEV list includes additional issues: a GitLab vulnerability (CVE-2021-39935) and two Sangoma FreePBX vulnerabilities (CVE-2019-19006 and CVE-2025-64328) that were flagged as exploited in attacks prior to this warning.
It states that both SolarWinds and GitLab flaws appear unpatched in some environments, while federal agencies have three weeks to identify vulnerable GitLab and Sangoma instances and apply mitigations as required. according to CISA