Lucene search
+L

CVE-2026-11541

🗓️ 30 Jun 2026 20:56:04Reported by ibmType 
cve
 cve
🔗 web.nvd.nist.gov👁 29 Views

Vulnerability 2026-11541 affects IBM WebSphere Server versions 9.0 and 8.5, and Liberty 17.0.0.3 to 26.0.0.6, via request smuggling.

Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Buinses Automation Workflow (CVE-2026-11594, CVE-2026-11707, CVE-2026-11383, CVE-2026-11541, CVE-2026-11536)
29 Jun 202613:12
ibm
IBM Security Bulletins
Security Bulletin: SPSS Collaboration and Deployment Services is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty
16 Jul 202616:29
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server, which impacts IBM Tivoli Netcool Configuration Manager
16 Jul 202606:20
ibm
IBM Security Bulletins
Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with IBM WebSphere Hybrid Edition, are affected by HTTP request smuggling (CVE-2026-11541)
6 Jul 202621:30
ibm
IBM Security Bulletins
Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with IBM Enterprise Application Runtimes, are affected by HTTP request smuggling (CVE-2026-11541)
6 Jul 202621:30
ibm
IBM Security Bulletins
Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with IBM Cloud Pak for Applications, are affected by HTTP request smuggling (CVE-2026-11541)
6 Jul 202621:31
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities in IBM WebSphere Application (CVE-2026-50645, CVE-2026-9322, CVE-2026-11541, CVE-2026-4410, CVE-2026-9320, CVE-2026-8646, CVE-2026-11806, CVE-2026-9071, CVE-2026-11546, CVE-2026-5516) affects IBM PowerVM Novalink.
16 Jul 202615:19
ibm
IBM Security Bulletins
Security Bulletin: Security vulnerability has been found in WebSphere Application Server shipped with IBM Guardium Key Lifecycle Manager (SKLM/GKLM)
30 Jun 202611:16
ibm
IBM Security Bulletins
Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled IBM WebSphere Remote Server, are affected by HTTP request smuggling (CVE-2026-11541)
29 Jun 202615:40
ibm
IBM Security Bulletins
Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by HTTP request smuggling (CVE-2026-11541)
24 Jun 202603:45
ibm
Rows per page
NVD
Vulners
Node
OR
ibmwebsphere_application_serverRange8.5.0.08.5.5.31traditional
ibmwebsphere_application_serverRange9.0.0.09.0.5.29traditional
ibmwebsphere_application_serverRange17.0.0.326.0.0.6liberty
[
  {
    "vendor": "IBM",
    "product": "WebSphere Application Server",
    "versions": [
      {
        "status": "affected",
        "version": "9.0"
      },
      {
        "status": "affected",
        "version": "8.5"
      }
    ],
    "cpes": [
      "cpe:2.3:a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:websphere_application_server:9.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:websphere_application_server:8.5.0:*:*:*:*:*:*:*"
    ]
  },
  {
    "vendor": "IBM",
    "product": "WebSphere Application Server - Liberty",
    "versions": [
      {
        "status": "affected",
        "version": "17.0.0.3",
        "lessThanOrEqual": "26.0.0.6",
        "versionType": "semver"
      }
    ],
    "cpes": [
      "cpe:2.3:a:ibm:websphere_application_server___liberty:17.0.0.3:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:websphere_application_server___liberty:26.0.0.6:*:*:*:*:*:*:*"
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

02 Jul 2026 17:55Current
5.8Medium risk
Vulners AI Score5.8
CVSS 3.17.4 - 9.8
EPSS0.00418
SSVC
29