SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could lead to remote code execution, which would allow an attacker to r…

SolarWinds Web Help Desk contains a critical deserialization of untrusted data vulnerability (CVE-2025-40551) that enables remote code execution without authentication. Attackers can exploit this vulnerability to run arbitrary commands on the host machine. The vulnerability affects the SolarWinds Web Help Desk application and poses a significant security risk due to its unauthenticated nature. Organizations using this software should apply patches immediately. The vulnerability has been assigned a high criticality rating due to the potential for complete system compromise.