CVE-2026-28299
published 2026-06-02CVE-2026-28299: SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when exploited, could cause the Web Help Desk server to crash due…
PriorityP340high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.42%
33.4th percentile
SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when exploited, could cause the Web Help Desk server to crash due to insufficient memory.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| solarwinds | web_help_desk | < 2026.2 | 2026.2 |
| solarwinds | web_help_desk | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
SolarWinds Web Help Desk allocation of resources
vuldb·2026-06-03·CVSS 8.2
CVE-2026-28299 [HIGH] SolarWinds Web Help Desk allocation of resources
A vulnerability has been found in SolarWinds Web Help Desk and classified as critical. The affected element is an unknown function. This manipulation causes allocation of resources.
This vulnerability is tracked as CVE-2026-28299. The attack is possible to be carried out remotely. No exploit exists.
GHSA
SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when exploited, could cause the Web Help Desk server to crash due to insufficient memory.
ghsa_unreviewed·2026-06-02
CVE-2026-28299 [HIGH] CWE-770 SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when exploited, could cause the Web Help Desk server to crash due to insufficient memory.
SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when exploited, could cause the Web Help Desk server to crash due to insufficient memory.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-06-02
Published