Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

Web Help Desk — Vulnerabilities & Security Advisories 18

All 18 CVE vulnerabilities found in Web Help Desk, with AI-generated Chinese analysis, references, and POCs.

This page documents known security weaknesses affecting the Web Help Desk product, categorized by their respective Common Weakness Enumeration types and associated vendor advisories. The content aggregates vulnerability data covering a broad historical time range, capturing issues from initial disclosures through to subsequent patches or mitigations. Here, you can track the vendor’s advisory history to understand the lifecycle of security updates, gain a deeper comprehension of specific vulnerability classes commonly found in help desk software, and review the product’s cumulative vulnerability history to assess long-term stability. This aggregation serves as a centralized reference for security analysts, system administrators, and procurement teams evaluating the risk posture of the Web Help Desk solution. By consolidating disparate reports and notifications, the page provides a structured view of how different weakness types have manifested within this specific software environment. It emphasizes transparency regarding remediation efforts and the persistence of certain flaw categories over time. Users are encouraged to cross-reference the listed vulnerabilities with their internal asset inventory and patch management schedules. The data presented is intended to support informed decision-making regarding upgrade paths, configuration hardening, and third-party risk assessments without implying any endorsement or recommendation of specific technical controls.

Vendor: SolarWinds

CVE IDTitleCVSSSeverityPublished
CVE-2026-28299 SolarWinds Web Help Desk Denial-of-Service Vulnerability CWE-770 8.2 High2026-06-02
CVE-2025-40554 SolarWinds Web Help Desk Authentication Bypass Vulnerability CWE-1390 9.8 Critical2026-01-28
CVE-2025-40553 SolarWinds Web Help Desk Deserialization of Untrusted Data Remote Code Execution Vulnerability CWE-502 9.8 Critical2026-01-28
CVE-2025-40552 SolarWinds Web Help Desk Authentication Bypass Vulnerability CWE-1390 9.8 Critical2026-01-28
CVE-2025-40551 SolarWinds Web Help Desk Deserialization of Untrusted Data Remote Code Execution Vulnerability CWE-502 9.8 Critical2026-01-28
CVE-2025-40537 SolarWinds Web Help Desk Hardcoded Credentials Vulnerability CWE-798 7.5 High2026-01-28
CVE-2025-40536 SolarWinds Web Help Desk Security Control Bypass Vulnerability CWE-693 8.1 High2026-01-28
CVE-2025-26399 SolarWinds Web Help Desk Deserialization of Untrusted Data Privilege Escalation Vulnerability CWE-502 9.8 Critical2025-09-23
CVE-2024-28988 SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability CWE-502 9.8 Critical2025-09-01
CVE-2025-26400 SolarWinds Web Help Desk XML External Entity Injection (XXE) Vulnerability CWE-611 5.3 Medium2025-07-29
CVE-2024-28989 SolarWinds Web Help Desk Cryptographic Key Management Vulnerability CWE-321 5.5 Medium2025-02-11
CVE-2024-45709 SolarWinds Web Help Desk Local File Read Vulnerability CWE-22 5.3 Medium2024-12-10
CVE-2024-28987 SolarWinds Web Help Desk Hardcoded Credential Vulnerability CWE-798 9.1 Critical2024-08-21
CVE-2024-28986 SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability CWE-502 9.8 Critical2024-08-13
CVE-2021-35251 Sensitive Data Disclosure Vulnerability CWE-209 5.3 Medium2022-03-09
CVE-2021-35232 Hard credentials discovered in SolarWinds Web Help Desk which allows to execute Arbitrary Hibernate Queries CWE-798 6.8 Medium2021-12-27
CVE-2021-35243 HTTP PUT & DELETE Methods Enabled CWE-749 5.3 Medium2021-12-23
CVE-2021-32076 Access Restriction bypass vulnerability via referrer spoof - Business Logic Bypass CWE-290 5.3 Medium2021-08-26

All 18 known CVE vulnerabilities affecting Web Help Desk with full Chinese analysis, references, and POCs where available.