๐Ÿ” CVE Alert

CVE-2026-28322

MEDIUM 5.6

SolarWinds Database Performance Analyzer Stored Cross-Site Scripting Vulnerability

CVSS Score
5.6
EPSS Score
0.0%
EPSS Percentile
0th

SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution.

CWE CWE-20
Vendor solarwinds
Product database performance analyzer
Published Jun 30, 2026
Stay Ahead of the Next One

Get instant alerts for solarwinds database performance analyzer

Be the first to know when new medium vulnerabilities affecting solarwinds database performance analyzer are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
High
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Affected Versions

SolarWinds / Database Performance Analyzer
2026.1 and below

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
solarwinds.com: https://www.solarwinds.com/trust-center/security-advisories/cve-2026-28322 documentation.solarwinds.com: https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2026-2_release_notes.htm support.solarwinds.com: https://support.solarwinds.com/SuccessCenter/s/article/DPA-Secure-Configuration-Guide-Best-Practices-and-Recommendations?language=en_US