Description
SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution.
Published: 2026-06-30
Score: 5.6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

Vendor Solution

SolarWinds recommends customers upgrade to SolarWinds Database Performance Analyzer version 2026.2 as soon as is practical.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 01 Jul 2026 17:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 01 Jul 2026 03:45:00 +0000

Type Values Removed Values Added
First Time appeared Solarwinds
Solarwinds database Performance Analyzer
Vendors & Products Solarwinds
Solarwinds database Performance Analyzer

Tue, 30 Jun 2026 22:45:00 +0000

Type Values Removed Values Added
Description SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution.
Title SolarWinds Database Performance Analyzer Stored Cross-Site Scripting Vulnerability
Weaknesses CWE-20
References
Metrics cvssV3_1

{'score': 5.6, 'vector': 'CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N'}


Subscriptions

Solarwinds Database Performance Analyzer
cve-icon MITRE

Status: PUBLISHED

Assigner: SolarWinds

Published:

Updated: 2026-07-02T03:57:26.377Z

Reserved: 2026-02-26T14:46:41.520Z

Link: CVE-2026-28322

cve-icon Vulnrichment

Updated: 2026-07-01T15:36:25.735Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-01T03:30:05Z

Weaknesses