Solarwinds Solarwinds Observability Self-hosted
7 CVEs affecting Solarwinds Solarwinds Observability Self-hosted. Latest disclosed: 2026-03-26. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-26397 | High | 7.8 | 2025-07-24 | SolarWinds Observability Self-Hosted is susceptible to Deserialization of Untrusted Data Local Privilege Escalation vulnerability. An attacker with low privile… |
CVE-2025-26395 | High | 7.1 | 2025-06-10 | SolarWinds Observability Self-Hosted was susceptible to a cross-site scripting (XSS) vulnerability due to an unsanitized field in the URL. The attack require… |
CVE-2026-28297 | Medium | 6.1 | 2026-03-26 | SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended scri… |
CVE-2026-28298 | Medium | 5.9 | 2026-03-26 | SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended scri… |
CVE-2025-26391 | Medium | 5.4 | 2025-11-18 | SolarWinds Observability Self-Hosted XSS Vulnerability. The SolarWinds Platform was susceptible to a XSS vulnerability that affects user-created URL fields. Th… |
CVE-2025-40545 | Medium | 4.8 | 2025-11-18 | SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate t… |
CVE-2025-26394 | Medium | 4.8 | 2025-06-10 | SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate… |