9.8
CVE-2026-9170
- EPSS 0.49%
- Veröffentlicht 26.05.2026 17:31:55
- Zuletzt bearbeitet 11.06.2026 14:16:33
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM HTTP Server is affected by multiple vulnerabilities
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service and a potential remote code execution due to improper input validation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ HTTP Server Version8.5.0.0
Ibm ≫ HTTP Server Version9.0.0.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.49% | 0.381 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-94 Improper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://www.ibm.com/support/pages/node/7274065