CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added yesterday•19 views

CVE-2026-10852 IBM i is Affected By a Denial of Service in IBM WebSphere Application Server Liberty

5.9CVSS

NVD•added yesterday•5 views

CVE-2026-9071

IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory...

7.5CVSS

NVD•added yesterday•5 views

CVE-2026-8646

IBM WebSphere Application Server 9.0 and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are vulnerable to HTTP request smuggling. A remote attacker could smuggle a specially crafted request to the application server thereby allowing the attacker to bypass security...

7.4CVSS

NVD•added yesterday•5 views

CVE-2026-10845

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to bypass authentication and gain unauthorized access to JAX-WS applications...

7.3CVSS

EUVD-2026-38254

5.9CVSS5.9AI score

Cvelist•added yesterday•26 views

CVE-2026-9320 IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities

5.9CVSS

EUVD-2026-38253

7.5CVSS5.9AI score

CVE•added yesterday•8 views

CVE-2026-9071

CVE-2026-9071 affects IBM WebSphere Application Server 9.0 and 8.5, and WebSphere Application Server Liberty 17.0.0.3–26.0.0.6. It is a denial-of-service vulnerability caused by processing a specially crafted request, which can cause the server to consume memory resources (CVSS Base 7.5, Availabi...

7.5CVSS6AI score

EUVD-2026-38252

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to server-side request forgery SSRF with the Ajax Proxy configured. This may allow an attacker to send unauthorized requests from the system, resulting in a security bypass or information disclosure...

7.4CVSS5.8AI score

Cvelist•added yesterday•29 views

CVE-2026-8646 IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities

7.4CVSS

CVE•added yesterday•12 views

CVE-2026-8646

7.4CVSS5.9AI score

EUVD-2026-38288

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to bypass authentication and gain unauthorized access to JAX-WS applications...

7.3CVSS5.9AI score

CVE•added yesterday•12 views

CVE-2026-8858

Summary: CVE-2026-8858 affects IBM WebSphere Web Server Plug-ins used with IBM WebSphere Application Server/Liberty and IBM HTTP Server. The vulnerability allows remote code execution and denial of service when an attacker impersonates the application server and sends crafted responses to the plu...

7.5CVSS6.5AI score

IBM Security Bulletins•added 5 days ago•8 views

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by server-side request forgery

Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by server-side request forgery CVE-2026-9006 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Version...

7.4CVSS5.2AI score

IBM Security Bulletins•added 5 days ago•3 views

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by an authentication bypass vulnerability

Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by an authentication bypass vulnerability CVE-2026-10845 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...

7.3CVSS5.3AI score

IBM Security Bulletins•added 5 days ago•3 views

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by multiple vulnerabilities when using the Web Server Plug-ins

Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by multiple vulnerabilities when using the Web Server Plug-ins CVE-2026-9072, CVE-2026-8858, CVE-2026-10852 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

8.1CVSS5.3AI score

IBM Security Bulletins•added 6 days ago•4 views

Security Bulletin: Vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2026-10845, CVE-2026-8646, CVE-2026-9320, CVE-2026-9071 and CVE-2026-9006)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about multiple vulnerabilities affecting WebSphere Application Server have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in...

7.5CVSS5.5AI score

IBM Security Bulletins•added 6 days ago•11 views

Security Bulletin: IBM WebSphere Application Server is affected by an identity spoofing vulnerability (CVE-2026-8644)

Summary IBM WebSphere Application Server is affected by an identity spoofing vulnerability. Vulnerability Details CVEID:CVE-2026-8644 DESCRIPTION: IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing. CWE:CWE-290: Authentication Bypass by Spoofing CVSS Source: IBM CVSS...

9.1CVSS5.2AI score0.00279EPSS

IBM Security Bulletins•added 2026/06/16 8:8 p.m.•9 views

Security Bulletin: IBM WebSphere Application Server is affected by remote code execution (CVE-2026-9311, CVE-2026-9330)

Summary IBM WebSphere Application Server is affected by remote code execution. Vulnerability Details CVEID:CVE-2026-9330 DESCRIPTION: IBM WebSphere Application Server 9.0, and 8.5 is affected by an improper validation of user-supplied data during deserialization using the SAML Web Single Sign-On...

9CVSS6.5AI score0.00399EPSS