High severity7.8NVD Advisory· Published Jul 24, 2025· Updated Jun 17, 2026
CVE-2025-26397
CVE-2025-26397
Description
SolarWinds Observability Self-Hosted is susceptible to Deserialization of Untrusted Data Local Privilege Escalation vulnerability. An attacker with low privileges can escalate privileges to run malicious files copied to a permission-protected folder. This vulnerability requires authentication from a low-level account and local access to the host server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 2025.2 and previous versions
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.