New vulnerabilities in SolarWinds Web Help Desk (WHD) are being exploited by threat actors, highlighting the dangers of applications that are accessible over the public Internet This article explores new vulnerabilities solarwinds. . Businesses and governmental organizations use SolarWinds WHD, an asset management and IT support platform.

Although it's unclear which WHD bugs are being targeted, a number of vendors have issued warnings in recent days about potential exploitation. The critical deserialization flaw CVE-2025-40551, first discovered by SolarWinds in January, was added to the Known Exploited Vulnerabilities (KEV) Catalog by the US Cybersecurity and Infrastructure Security Agency (CISA) last week.

Although threat actors can take advantage of the vulnerabilities if they have local access to the instances, public exposure exposes the application to "pray and spray" attacks by threat actors seeking to obtain initial access, according to John Hammond, principal security researcher at Huntress and co-author of the blog post. Related: Jailbreak's "Semantic Chaining" Gemini Nano Banana, Grok 4 Dupes Customers should also update to version 2026 of WHD instances.1 or later, and check the hosts for any unapproved remote access programs, such as Velociraptor and Zoho Assist. Additionally, Microsoft advised companies to remove any remote monitoring and management (RMM) tools from the network, such as Zoho ManageEngine, and to change the login credentials for administrator and WHD service accounts, as well as any accounts that can be accessed via the platform.