Skip to content

RadicalNotion.AI

We do not sell or share your personal information

© 2026 RadicalNotion.AI

Security Data

CWE Directory
CAPEC Directory
CNA Directory
CNA Report Cards
Data Sources

Calculators

CVSS Calculator
CVSS 4.0
CVSS 3.1
CVSS 3.0
CVSS 2.0

Platform

My Vulnerabilities
Insights
Notifications
Account
Pricing

Learn

All guides
What is a CVE?
What is CVSS?
The CISA KEV catalog
What is EPSS?

Company

About us
Blog
Book a demo

Get Started

Sign up
Log in

Legal

Privacy
Terms

Security data

Weaknesses (CWE)The MITRE CWE weakness catalog
Attack Patterns (CAPEC)MITRE CAPEC attack patterns
CNAsNumbering authorities + report cards
VendorsVulnerabilities by vendor

Tools

CVSS CalculatorScore CVSS 4.0, 3.1, 3.0 & 2.0

Resources

LearnPlain-English security guides
Data SourcesHow we source CVE data

About Us Blog Pricing Book a Demo

Log in

Home
Vendors
Solarwinds
Solarwinds Platform

SolarWinds Platform Vulnerabilities: CVEs, CISA KEV & Security Advisories

44 CVEs

SolarWinds Platform Vulnerabilities

CVE security advisories and vulnerability history for SolarWinds Platform by solarwinds.

44

Total CVEs

Published

0

In CISA KEV

Exploited in the wild

2

Public exploits

With known exploit

7.0

Avg CVSS

2022–2025

Last updated February 11, 2025

Overview

SolarWinds Platform has 44 published CVE records since 2022, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 2 have a known public exploit. The average CVSS base score across scored CVEs is 7.0.

This page aggregates every publicly disclosed vulnerability (CVE) affecting SolarWinds Platform, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list. Affected platforms include 64 bit, Windows.

Severity and exploitation

How the CVSS severity of SolarWinds Platform's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical0

High31

Medium10

Low3

In CISA’s Known Exploited Vulnerabilities catalog

0

None of SolarWinds Platform's CVEs are currently listed in CISA's KEV catalog.

Public exploits

2

2 of SolarWinds Platform's CVEs have a known public exploit available.

Affected versions and CVEs

Browse every SolarWinds Platform version named in a CVE, then pick one to see only the CVEs that affect it.

Fixed in

2023.35 CVEs
2023.3.05 CVEs
> 2022.4.14 CVEs
2024.1.14 CVEs
> 2022.3 and prior versions3 CVEs
2024.23 CVEs
2025.13 CVEs
> 2022.32 CVEs
> 2023.22 CVEs
2022.32 CVEs
2023.3.12 CVEs
2023.42 CVEs
2024.12 CVEs
2024.42 CVEs
2022.3.01 CVE
2023.21 CVE
2023.2.01 CVE
2023.4.21 CVE
2024.4.11 CVE

Default status

All versions8 CVEs

Find a version

44 CVEs

Sort

Low vulnerability · 2025-02-11
CVE-2024-52611
Patch
CWE-209
Low · CVSS 3.5
EPSS 0.2% (41th pct)2025-02-11
Medium vulnerability · 2025-02-11
CVE-2024-52612
Patch
CWE-79
Medium · CVSS 6.8
EPSS 0.4% (64th pct)2025-02-11
SolarWinds Platform Server-Side Request Forgery Vulnerability
CVE-2024-52606
Patch
CWE-918
Low · CVSS 3.5
EPSS 0.4% (64th pct)2025-02-11
High vulnerability · 2024-12-04
CVE-2024-45717
Patch
CWE-79
High · CVSS 7.0
EPSS 0.3% (56th pct)2024-12-04
SolarWinds Platform Edit Function Cross-Site Scripting Vulnerability
CVE-2024-45715
Patch
CWE-79
High · CVSS 7.1
EPSS 0.1% (25th pct)2024-10-16
High vulnerability · 2024-10-16
CVE-2024-45710
Patch
CWE-427
High · CVSS 7.8
EPSS 0.2% (37th pct)2024-10-16
High vulnerability · 2024-06-04
CVE-2024-29004
Patch
CWE-79
High · CVSS 7.1
EPSS 0.1% (22th pct)2024-06-04
Medium vulnerability · 2024-06-04
CVE-2024-28999
Public exploit
Patch
CWE-362
Medium · CVSS 6.4
EPSS 6.5% (91th pct)2024-06-04
High vulnerability · 2024-06-04
CVE-2024-28996
Patch
CWE-89
High · CVSS 7.5
EPSS 0.7% (72th pct)2024-06-04
High vulnerability · 2024-05-20
CVE-2024-29000
Patch
CWE-79
High · CVSS 7.9
EPSS 0.1% (31th pct)2024-05-20
SolarWinds Platform Cross Site Scripting Vulnerability
CVE-2024-29003
Patch
CWE-79
High · CVSS 7.5
EPSS 0.1% (21th pct)2024-04-18
SolarWinds Platform SWQL Injection Vulnerability
CVE-2024-29001
Patch
CWE-89
High · CVSS 7.5
EPSS 0.1% (19th pct)2024-04-18
High vulnerability · 2024-04-18
CVE-2024-28076
Patch
CWE-601
High · CVSS 7.0
EPSS 0.0% (8th pct)2024-04-18
High vulnerability · 2024-02-06
CVE-2023-35188
Patch
CWE-89
High · CVSS 8.0
EPSS 0.8% (74th pct)2024-02-06
High vulnerability · 2024-02-06
CVE-2023-50395
Patch
CWE-89
High · CVSS 8.0
EPSS 1.0% (77th pct)2024-02-06
SolarWinds Platform SQL Injection Remote Code Execution Vulnerability
CVE-2023-40056
Patch
CWE-89
High · CVSS 8.0
EPSS 0.1% (22th pct)2023-11-28
High vulnerability · 2023-11-01
CVE-2023-40061
Patch
CWE-20
High · CVSS 8.8
EPSS 0.1% (28th pct)2023-11-01
High vulnerability · 2023-11-01
CVE-2023-40062
Patch
CWE-20
High · CVSS 8.0
EPSS 2.3% (85th pct)2023-11-01
SolarWinds Platform Exposed Dangerous Method Vulnerability
CVE-2023-23845
Patch
CWE-697
Medium · CVSS 6.8
EPSS 0.3% (53th pct)2023-09-13
SolarWinds Platform Exposed Dangerous Method Vulnerability
CVE-2023-23840
Patch
CWE-697
Medium · CVSS 6.8
EPSS 0.3% (53th pct)2023-09-13
Medium vulnerability · 2023-07-26
CVE-2023-3622
Patch
CWE-287
Medium · CVSS 4.3
EPSS 0.1% (26th pct)2023-07-26
SolarWinds Platform Incorrect Input Neutralization Vulnerability
CVE-2023-33229
Patch
CWE-94
Low · CVSS 3.5
EPSS 0.6% (70th pct)2023-07-26
High vulnerability · 2023-07-26
CVE-2023-23843
Patch
CWE-697
High · CVSS 7.2
EPSS 0.2% (44th pct)2023-07-26
High vulnerability · 2023-07-26
CVE-2023-33224
Patch
CWE-696
High · CVSS 7.2
EPSS 0.2% (48th pct)2023-07-26
SolarWinds Platform Deserialization of Untrusted Data Vulnerability
CVE-2023-33225
Patch
CWE-697
High · CVSS 7.2
EPSS 0.2% (44th pct)2023-07-26
SolarWinds Platform Incomplete List of Disallowed Inputs Vulnerability
CVE-2023-23844
Patch
CWE-184
High · CVSS 7.2
EPSS 0.2% (44th pct)2023-07-26
Medium vulnerability · 2023-04-25
CVE-2023-23839
Patch
CWE-200
Medium · CVSS 6.5
EPSS 2.3% (85th pct)2023-04-25
SolarWinds Platform Incorrect Input Neutralization Vulnerability
CVE-2022-47509
Patch
CWE-79
Medium · CVSS 6.1
EPSS 3.4% (88th pct)2023-04-21
High vulnerability · 2023-04-21
CVE-2022-47505
Patch
CWE-269
High · CVSS 7.8
EPSS 0.3% (52th pct)2023-04-21
High vulnerability · 2023-02-15
CVE-2023-23836
Patch
CWE-502
High · CVSS 7.2
EPSS 67.2% (99th pct)2023-02-15

Showing 30 of 44

Common weakness types

The CWE weakness categories most often found in SolarWinds Platform CVEs. Follow any weakness for its full explanation.

CWE-502Deserialization of Untrusted Data9 CVEs
CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')8 CVEs
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')5 CVEs
CWE-697Incorrect Comparison4 CVEs
CWE-287Improper Authentication2 CVEs
CWE-20Improper Input Validation2 CVEs
CWE-269Improper Privilege Management1 CVE
CWE-200Exposure of Sensitive Information to an Unauthorized Actor1 CVE

Disclosure activity by year

How many SolarWinds Platform CVEs were published each year.

2022

9

2023

20

2024

12

2025

3

Other solarwinds products

Browse vulnerabilities for other products by solarwinds.

orion platform51 CVEs serv-u40 CVEs access rights manager32 CVEs access_rights_manager23 CVEs Web Help Desk22 CVEs serv-u file server21 CVEs serv-u ftp server12 CVEs database performance analyzer10 CVEs

All solarwinds vulnerabilities

Frequently asked questions

Common questions about SolarWinds Platform vulnerabilities.

How many CVEs does solarwinds SolarWinds Platform have?

solarwinds SolarWinds Platform has 44 published CVE records since 2022.

How many solarwinds SolarWinds Platform CVEs are in CISA KEV?

None of solarwinds SolarWinds Platform's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.

Are there public exploits for solarwinds SolarWinds Platform vulnerabilities?

Yes — 2 of solarwinds SolarWinds Platform's CVEs have a known public exploit.

Which versions of solarwinds SolarWinds Platform are affected?

20 distinct solarwinds SolarWinds Platform versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.

What are the most common weakness types in solarwinds SolarWinds Platform CVEs?

solarwinds SolarWinds Platform's CVEs most often map to these CWE weakness types: CWE-502 (Deserialization of Untrusted Data), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')), CWE-697 (Incorrect Comparison).

What is the average severity of solarwinds SolarWinds Platform CVEs?

The average CVSS base score across solarwinds SolarWinds Platform's scored CVEs is 7.0.

References

All solarwinds vulnerabilities
The MITRE CVE Program (opens in a new tab)
Learn: What is a CVE?
CWE directory: the weakness types these CVEs map to

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track SolarWinds Platform vulnerabilities

Monitor new SolarWinds Platform vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing

On this page

Overview
Severity and exploitation
Affected versions and CVEs
Common weakness types
Disclosure activity
Other products
FAQ
References