Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Business Automation Workflow (CVE-2026-50645, CVE-2026-9322, CVE-2026-9171, CVE-2026-11712, CVE-2026-11595, CVE-2026-11708)
Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about security vulnerabilities affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletins...
CVE-2026-11541
IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability...
CVE-2026-11594
IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console...
CVE-2026-11541
IBM WebSphere Application Server 9.0, 8.5 and IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability tracked as CVE-2026-11541. The available connected sources consistently identify the affected products and the vulnerability cla...
EUVD-2026-40411
IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console...
CVE-2026-11594 IBM WebSphere Application Server is affected by multiple cross-site scripting vulnerabilities
IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console...
CVE-2026-11595 IBM WebSphere Application Server is affected by a Path Traversal vulnerability
IBM WebSphere Application Server 9.0, and 8.5 could allow a remote attacker to obtain sensitive information from the administrative console's integrated help system...
EUVD-2026-40398
IBM WebSphere Application Server 9.0, and 8.5 could allow a remote attacker to obtain sensitive information from the administrative console's integrated help system...
CVE-2026-11708 IBM WebSphere Application Server is affected by a cross-site scripting vulnerability
IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console's integrated help system...
EUVD-2026-40397
IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console's integrated help system...
CVE-2026-11708
IBM WebSphere Application Server 9.0 and 8.5 are affected by a cross-site scripting vulnerability in the administrative console's integrated help system (CVE-2026-11708). Root cause described in the IBM bulletin is improper neutralization of input in the help system. Impact per the sources indica...
CVE-2026-11712
CVE-2026-11712 affects IBM WebSphere Application Server 9.0 and 8.5, with a cross-site scripting vulnerability in the administrative console help system. IBM security bulletin and multiple sources (IBM pages for WebSphere vulnerabilities) identify CVSS v3.1 base score of 9.3, indicating high impa...
EUVD-2026-40396
IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console help system...
CVE-2026-11714 IBM WebSphere Application Server Liberty is affected by an authorization bypass vulnerability
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the apiDiscovery-1.0 feature enabled...
Security Bulletin: IBM WebSphere Application Server is affected by server-side request forgery (CVE-2026-9006)
Summary IBM WebSphere Application Server is affected by a server-side request forgery vulnerability with the Ajax Proxy configured. Vulnerability Details CVEID:CVE-2026-9006 DESCRIPTION: IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to server-side request forgery SSRF with the Ajax...
Security Bulletin: Security vulnerability has been found in WebSphere Application Server shipped with IBM Guardium Key Lifecycle Manager (SKLM/GKLM)
Summary WebSphere Application Server is shipped as a component of IBM Guardium Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed...
PT-2026-53990
Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server version 9.0 IBM WebSphere Application Server version 8.5 IBM WebSphere Application Server - Liberty versions 17.0.0.3 through 26.0.0.6 Description An HTTP request smuggling issue exists, which occurs when there...
PT-2026-53963
Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server version 9.0 IBM WebSphere Application Server version 8.5 Description A cross-site scripting issue exists within the administrative console help system. Cross-site scripting is a flaw that allows an attacker to...
PT-2026-53961
Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server version 9.0 IBM WebSphere Application Server version 8.5 Description A remote attacker could obtain sensitive information from the integrated help system of the administrative console. Recommendations At the...
Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with IBM WebSphere Remote Server, are affected by HTTP request smuggling (CVE-2026-11541)
Summary IBM WebSphere Application Server and WebSphere Application Server Liberty is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server and WebSphere Application Server Liberty has been published in a security bulletin...