On January 28, 2026, SolarWinds released fixes for multiple vulnerabilities impacting Web Help Desk (WHD). WHD is an IT service management platform that may contain sensitive information, making it a valuable target for threat actors if compromised.
Among the vulnerabilities addressed, four were rated as critical:
- CVE-2025-40551 and CVE-2025-40553 (Remote Code Execution): Allows an unauthenticated remote threat actor to execute commands on the host machine by exploiting an untrusted data deserialization flaw.
- CVE-2025-40552 and CVE-2025-40554 (Authentication Bypass): Allows a remote threat actor to bypass authentication controls and gain unauthorized access.
At the time of writing, Arctic Wolf has not observed exploitation of these vulnerabilities in the wild, nor identified a publicly available proof-of-concept exploit. However, threat actors may attempt to reverse-engineer the newly released version of WHD, as WHD vulnerabilities have been targeted shortly after disclosure in the past.
Recommendation
Upgrade to Latest Fixed Version
Arctic Wolf strongly recommends that customers upgrade to the latest fixed version.
| Product | Affected Version | Fixed Version |
| Web Help Desk (WHD) | Versions prior to 2026.1 | 2026.1 |
Please follow your organization’s patching and testing guidelines to minimize potential operational impact.
