CVE-2026-11806
- EPSS 0.5%
- Veröffentlicht 30.06.2026 20:17:28
- Zuletzt bearbeitet 02.07.2026 17:58:55
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 is affected by an arbitrary file read vulnerability with the restConnector-2.0 feature enabled.
CVE-2026-11714
- EPSS 0.19%
- Veröffentlicht 30.06.2026 20:17:28
- Zuletzt bearbeitet 02.07.2026 17:59:28
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the apiDiscovery-1.0 feature enabled.
CVE-2026-11546
- EPSS 0.21%
- Veröffentlicht 30.06.2026 20:17:27
- Zuletzt bearbeitet 02.07.2026 18:09:50
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the adminCenter-1.0 feature enabled.
CVE-2026-10852
- EPSS 0.27%
- Veröffentlicht 22.06.2026 19:32:28
- Zuletzt bearbeitet 09.07.2026 21:16:54
IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server.
CVE-2026-9072
- EPSS 0.38%
- Veröffentlicht 22.06.2026 14:21:35
- Zuletzt bearbeitet 09.07.2026 21:16:56
IBM WebSphere Application Server and IBM WebSphere Application Server Liberty - when using Intelligent Management with the WebSphere WebServer Plug-in component - are vulnerable to remote code execution and denial of service. This vulnerability can b...
CVE-2026-5516
- EPSS 0.21%
- Veröffentlicht 27.05.2026 13:00:04
- Zuletzt bearbeitet 02.06.2026 17:16:38
IBM WebSphere Application Server - Liberty 22.0.0.11 through 26.0.0.5 IBM WebSphere Application Server Liberty could allow a remote attacker to bypass security under limited conditions by exploiting a specific timing window.
CVE-2026-3621
- EPSS 0.28%
- Veröffentlicht 22.04.2026 23:07:31
- Zuletzt bearbeitet 13.05.2026 20:24:13
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.4 IBM WebSphere Application Server Liberty is vulnerable to identity spoofing under limited conditions when an application is deployed without authentication and authorization configu...
CVE-2025-14917
- EPSS 0.36%
- Veröffentlicht 25.03.2026 20:13:55
- Zuletzt bearbeitet 30.03.2026 16:59:11
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings.
CVE-2025-14915
- EPSS 0.5%
- Veröffentlicht 25.03.2026 20:12:27
- Zuletzt bearbeitet 30.03.2026 16:59:31
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is affected by privilege escalation. A privileged user could gain additional access to the application server.
CVE-2026-1561
- EPSS 0.28%
- Veröffentlicht 25.03.2026 20:10:10
- Zuletzt bearbeitet 30.03.2026 16:58:21
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery (SSRF). This may allow remote attacker to send unauthorized requests from the system, potential...