Use cases
Software Products E-commerce MSPs Schools Development & Marketing DevOps Agencies Help Desk
Company
Internet Status Blog Pricing Log in Get started free

Outage in WithSecure

Axios vulnerability in Policy Manager Webreporting

Resolved Minor
April 14, 2026 - Started 5 days ago - Lasted 2 days
Official incident page

Incident Report

We have identified that WithSecure Policy Manager (PM) includes a version of the Axios library within the web reporting component that is currently flagged as vulnerable. Based on our assessment, the associated risk is low. As a precautionary measure, we recommend the following: Reviewing the current firewall and network configuration to ensure that the Policy Manager webreporting interface is not accessible from external networks Ensuring restricted access to this component significantly reduces any potential exposure. We are investigating on a fix for the issue.
Components affected
WithSecure Endpoints (Clients & Servers)

Trusted by 1,000+ teams

The Status Page Aggregator with Early Outage Detection

Stop finding out about outages from your users. Monitor 6,320+ cloud services and get alerted the second something breaks.

Start Free Trial
  • No credit card
  • 14-day trial
  • 2-minute setup
IsDown status aggregator dashboard
Latest Updates ( sorted recent to last )
RESOLVED 3 days ago - at 04/16/2026 02:17PM

We have created a hotfix for this issue. We advise all our Business Suite partners and customers to apply this hotfix at the earliest opportunity.
The risk can further be mitigated by ensuring that Policy Manager’s Web Reporting interface is not accessible from the internet.
This can be done with external firewall configurations.

The hotfix can be downloaded from the WithSecure Download Center: https://support.withsecure.com/en/support/download

For more information on the Axios vulnerability (CVE-2026-40175) and WithSecure's response, please visit
https://community.withsecure.com/announcements-en/kb/articles/32898-cve-2026-40175-for-axios-javascript-library

INVESTIGATING 5 days ago - at 04/14/2026 02:35PM

We have identified that WithSecure Policy Manager (PM) includes a version of the Axios library within the web reporting component that is currently flagged as vulnerable.

Based on our assessment, the associated risk is low. As a precautionary measure, we recommend the following:

Reviewing the current firewall and network configuration to ensure that the Policy Manager webreporting interface is not accessible from external networks

Ensuring restricted access to this component significantly reduces any potential exposure.

We are investigating on a fix for the issue.

Latest WithSecure outages

Contact Support form not working - 27 days ago
WithSecure Elements might incorrectly show "Malware Protection disabled" after reboot - about 2 months ago
Contact Support form not working - about 2 months ago
Provisioning API is returning 503 Back-end server is at capacity error - 2 months ago
WithSecure Elements portal: Profiles show incorrect settings and can not be saved - 3 months ago

The Status Page Aggregator with Early Outage Detection

With IsDown, you can monitor all your critical services' official status pages from one centralized dashboard and receive instant alerts the moment an outage is detected. Say goodbye to constantly checking multiple sites for updates and stay ahead of outages with IsDown.

Start free trial

No credit card required · Cancel anytime · 6320 services available

Integrations with Slack Microsoft Teams Google Chat Datadog PagerDuty Zapier Discord Webhook