CVE-2025-40536

CISA KEV

Published February 12, 2026 · Updated April 3, 2026

high

What This Means

**CVE-2025-40536: SolarWinds Web Help Desk Authentication Bypass** SolarWinds Web Help Desk contains an authentication bypass flaw that allows unauthenticated attackers to access restricted features without credentials. An attacker can exploit this to perform unauthorized actions on affected instances, potentially leading to data theft, privilege escalation, or system compromise. Patch immediately using SolarWinds' official security update, disable external access to Web Help Desk until patched, and audit logs for unauthorized access attempts to the application.

Official Description+

SolarWinds Web Help Desk contains a security control bypass vulnerability that could allow an unauthenticated attacker to gain access to certain restricted functionality.

Affected Products

Vendor	Product
SolarWinds	Web Help Desk

Patch Status

Patch by 2026-02-15

Recommended Actions

Check if your systems use any of the affected products listed above.
Apply vendor patches immediately if available.
This vulnerability is in CISA's Known Exploited Vulnerabilities catalog — prioritize remediation.
Monitor vendor advisories for updates and additional mitigations.
Review logs for indicators of compromise related to CVE-2025-40536.

Related Coverage

Vvulnerability

CVE-2025-40536: SolarWinds Web Help Desk Authentication Bypass Exposes Restricted Functionality to Unauthenticated Attackers

CVE-2025-40536 is an authentication bypass vulnerability in SolarWinds Web Help Desk that allows unauthenticated remote attackers to access restricted application functionality without credentials. Successful exploitation can lead to data theft, privilege escalation, and lateral movement through connected enterprise systems. CISA has added the flaw to its Known Exploited Vulnerabilities catalog and requires federal agencies to patch by February 15, 2026.

CISA KEV·50d ago·3 min read