SolarWinds Web Help Desk RCE – Third time lucky? Patch Web Help Desk—again.

SolarWinds issued hotfix 12.8.7 HF1 for CVE-2025-26399 (CVSS 9.8)—an unauthenticated AjaxProxy deserialisation RCE in Web Help Desk. It’s a patch bypass of the earlier CVE-2024-28986 and CVE-2024-28988. No exploitation is known yet, but history suggests urgency: earlier bugs hit CISA KEV. Upgrade immediately.

Another critical RCE in SolarWinds Web Help Desk. It’s a bypass of the last bypass (yes, really).

Install 12.8.7 HF1 now, audit internet-exposed instances, and keep an eye on logs—attackers love ticket systems almost as much as we do.