Description
SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when exploited, could cause the Web Help Desk server to crash due to insufficient memory.
Published: 2026-06-02
Score: 8.2 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

SolarWinds Web Help Desk suffers a denial-of-service flaw that can cause the server to crash due to insufficient memory when an attacker triggers the vulnerability. The exploit allows an adversary to interrupt legitimate user access, leading to a loss of availability for the impacted service.

Affected Systems

The vulnerability impacts SolarWinds Web Help Desk. No specific version information is provided, so all deployments of the product may be susceptible until the vendor releases a patched version.

Risk and Exploitability

The CVSS score of 8.2 indicates a high severity of the flaw, while no EPSS score is available and the issue is not included in the CISA KEV catalog. Although the exact attack vector is not detailed, the description implies that an attacker would need to send requests that exhaust the server’s memory resources, which is likely achievable over a network. Because the vulnerability leads to a crash rather than privilege escalation or data exposure, the primary risk is interruption of service.

Generated by OpenCVE AI on June 3, 2026 at 03:57 UTC.

Remediation

Vendor Solution

SolarWinds recommends customers upgrade to the latest version as soon as is practical.

OpenCVE Recommended Actions

  • Upgrade to the latest Web Help Desk version that contains the bug fix.
  • Disable or restart the Web Help Desk service during periods of high load or after a crash to restore availability.
  • Configure system resource limits or memory quotas for the Web Help Desk process to reduce the impact of memory exhaustion.

Generated by OpenCVE AI on June 3, 2026 at 03:57 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 03 Jun 2026 04:15:00 +0000

Type Values Removed Values Added
First Time appeared Solarwinds
Solarwinds web Help Desk
Vendors & Products Solarwinds
Solarwinds web Help Desk

Wed, 03 Jun 2026 02:30:00 +0000

Type Values Removed Values Added
Description SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when exploited, could cause the Web Help Desk server to crash due to insufficient memory.
Title SolarWinds Web Help Desk Denial-of-Service Vulnerability
Weaknesses CWE-770
References
Metrics cvssV3_1

{'score': 8.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Subscriptions

Solarwinds Web Help Desk
cve-icon MITRE

Status: PUBLISHED

Assigner: SolarWinds

Published:

Updated: 2026-06-02T20:55:26.245Z

Reserved: 2026-02-26T14:15:09.403Z

Link: CVE-2026-28299

cve-icon Vulnrichment

Updated: 2026-06-02T20:55:19.386Z

cve-icon NVD

Status : Received

Published: 2026-06-02T20:16:33.783

Modified: 2026-06-02T20:16:33.783

Link: CVE-2026-28299

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-03T04:00:13Z

Weaknesses