Skip to content
Threat Feed

Product

WebSphere Application Server

4 briefs RSS
high advisory

IBM WebSphere Application Server: Authenticated Remote Action Execution Vulnerability

A vulnerability in IBM WebSphere Application Server allows a remote, authenticated attacker to execute arbitrary actions on the server, potentially leading to a compromise of the host system.

WebSphere Application Server websphere vulnerability rce ibm server authenticated-access
1t
high advisory

CVE-2026-9170: IBM WebSphere Application Server and Liberty Improper Input Validation Vulnerability

IBM WebSphere Application Server and WebSphere Liberty versions 8.5 and 9.0 are vulnerable to denial of service and potential remote code execution due to improper input validation as described in CVE-2026-9170.

WebSphere Application Server +2 vulnerability websphere rce dos
2r 2t 1c
medium threat

CVE-2026-8620: IBM WebSphere Application Server HTTP Request Smuggling Vulnerability

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5 and 9.0 are vulnerable to HTTP request smuggling due to inconsistent interpretation of HTTP requests, potentially leading to unauthorized access and data manipulation.

WebSphere Application Server +3 http-request-smuggling websphere cve-2026-8620
2r 1t 1c
critical advisory

CVE-2026-8633: IBM WebSphere Application Server RCE via Crafted Request

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty are vulnerable to remote code execution in the Web Server Plug-ins, through a specially crafted request (CVE-2026-8633).

WebSphere Application Server +3 rce websphere cve-2026-8633
2r 1t 1c