CVE-2026-11541
- EPSS 0.34%
- Veröffentlicht 30.06.2026 20:56:04
- Zuletzt bearbeitet 02.07.2026 17:55:28
IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability.
CVE-2026-11594
- EPSS 0.28%
- Veröffentlicht 30.06.2026 20:50:34
- Zuletzt bearbeitet 02.07.2026 17:57:37
IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console.
CVE-2026-11714
- EPSS 0.19%
- Veröffentlicht 30.06.2026 20:17:28
- Zuletzt bearbeitet 02.07.2026 17:59:28
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the apiDiscovery-1.0 feature enabled.
CVE-2026-11806
- EPSS 0.5%
- Veröffentlicht 30.06.2026 20:17:28
- Zuletzt bearbeitet 02.07.2026 17:58:55
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 is affected by an arbitrary file read vulnerability with the restConnector-2.0 feature enabled.
CVE-2026-11546
- EPSS 0.21%
- Veröffentlicht 30.06.2026 20:17:27
- Zuletzt bearbeitet 02.07.2026 18:09:50
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the adminCenter-1.0 feature enabled.
CVE-2026-11595
- EPSS 0.27%
- Veröffentlicht 30.06.2026 20:17:27
- Zuletzt bearbeitet 02.07.2026 18:09:06
IBM WebSphere Application Server 9.0, and 8.5 could allow a remote attacker to obtain sensitive information from the administrative console's integrated help system.
CVE-2026-11708
- EPSS 0.22%
- Veröffentlicht 30.06.2026 20:17:27
- Zuletzt bearbeitet 02.07.2026 18:07:30
IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console's integrated help system.
CVE-2026-11712
- EPSS 0.22%
- Veröffentlicht 30.06.2026 20:17:27
- Zuletzt bearbeitet 02.07.2026 18:06:52
IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console help system.
CVE-2026-10852
- EPSS 0.27%
- Veröffentlicht 22.06.2026 19:32:28
- Zuletzt bearbeitet 30.06.2026 18:06:14
IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server.
CVE-2026-9320
- EPSS 0.31%
- Veröffentlicht 22.06.2026 14:53:36
- Zuletzt bearbeitet 23.06.2026 20:46:51
IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerab...