{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T21:31:18.739","vulnerabilities":[{"cve":{"id":"CVE-2025-26400","sourceIdentifier":"psirt@solarwinds.com","published":"2025-07-29T08:15:26.053","lastModified":"2025-11-17T16:11:59.000","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"SolarWinds Web Help Desk was reported to be affected by an XML External Entity Injection (XXE) vulnerability that could lead to information disclosure. A valid, low-privilege access is required unless the attacker had access to the local server to modify configuration files."},{"lang":"es","value":"Se informó que SolarWinds Web Help Desk se vio afectado por una vulnerabilidad de inyección de entidades externas XML (XXE) que podría provocar la divulgación de información. Se requiere un acceso válido con privilegios bajos, a menos que el atacante tuviera acceso al servidor local para modificar los archivos de configuración."}],"metrics":{"cvssMetricV31":[{"source":"psirt@solarwinds.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"psirt@solarwinds.com","type":"Secondary","description":[{"lang":"en","value":"CWE-611"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:solarwinds:web_help_desk:*:*:*:*:*:*:*:*","versionEndExcluding":"12.8.7","matchCriteriaId":"FE441DEF-EFE1-47A6-A542-40B493D72AEF"}]}]}],"references":[{"url":"https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_12-8-7_release_notes.htm","source":"psirt@solarwinds.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-26400","source":"psirt@solarwinds.com","tags":["Patch","Vendor Advisory"]}]}}]}