CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 4 days ago•5 views

IBM WebSphere Application Server 8.5.x < 8.5.5.30 / 9.x < 9.0.5.29 XSS (7277546)

The version of IBM WebSphere Application Server running on the remote host is affected by a XSS vulnerability as referenced in the 7277546 advisory. - IBM WebSphere Application Server is affected by a cross-site scripting vulnerability in the administrative console login page. CWE: CWE-79: Improp...

5.7AI score

Exploits0References4

Tenable Nessus•added 4 days ago•7 views

IBM WebSphere Application Server 8.5.x < 8.5.5.30 / 9.x < 9.0.5.29 RCE (7277544)

The version of IBM WebSphere Application Server running on the remote host is affected by a remote code execution vulnerability as referenced in the 7277544 advisory. - IBM WebSphere Application Server is affected by a remote code execution vulnerability in the SOAP/JMX connector. CWE: CWE-502:...

6.4AI score

Exploits0References2

IBM Security Bulletins•added 5 days ago•3 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM WebSphere Application Server and WebSphere Application Server Liberty shipped with IBM WebSphere Remote Server

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM WebSphere Application Server and WebSphere Application Server Liberty have been published in a security bulletin...

9.8CVSS5.8AI score0.00409EPSS

IBM Security Bulletins•added 5 days ago•3 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM WebSphere Application Server and WebSphere Application Server Liberty shipped with IBM WebSphere Remote Server

9.1CVSS5.8AI score0.00338EPSS

IBM Security Bulletins•added 5 days ago•3 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server CVE-2026-9006

Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. CVE-2026-9006 Vulnerability Details Refer to the security bulletins listed in the...

9.1CVSS5.7AI score0.00221EPSS

IBM Security Bulletins•added 5 days ago•4 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM WebSphere Application Server and WebSphere Application Server Liberty shipped with IBM WebSphere Remote Server

9.8CVSS5.8AI score0.00409EPSS

NVD•added 6 days ago•6 views

CVE-2026-10852

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server...

5.9CVSS0.0026EPSS

Vulnrichment•added 6 days ago•4 views

CVE-2026-10852 Websphere Application Server is Affected By a Denial of Service in IBM WebSphere Application Server Liberty

CVE•added 6 days ago•18 views

CVE-2026-10852

IBM i 7.3–7.6 and IBM WebSphere Application Server/Liberty are affected by CVE-2026-10852, a denial-of-service in the WebSphere WebServer Plug-in when crafted requests are sent. Root cause cited: NULL Pointer Dereference (CWE-476). CVSS 3.1 base score 5.9 (Network, High attack complexity, No priv...

ATTACKERKB•added 6 days ago•5 views

CVE-2026-10852

Exploits0References2Affected Software1

Cvelist•added 6 days ago•23 views

CVE-2026-10852 Websphere Application Server is Affected By a Denial of Service in IBM WebSphere Application Server Liberty

5.9CVSS0.0026EPSS

EUVD•added 6 days ago•4 views

EUVD-2026-38346

IBM i 7.6, 7.5, 7.4, and 7.3, IBM WebSphere Application Server, and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server...

NVD•added 6 days ago•9 views

CVE-2026-9071

IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory...

7.5CVSS0.00314EPSS

NVD•added 6 days ago•7 views

CVE-2026-9320

7.5CVSS0.00323EPSS

NVD•added 6 days ago•7 views

CVE-2026-9006

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to server-side request forgery SSRF with the Ajax Proxy configured. This may allow an attacker to send unauthorized requests from the system, resulting in a security bypass or information disclosure...

9.1CVSS0.00221EPSS

NVD•added 6 days ago•9 views

CVE-2026-8646

IBM WebSphere Application Server 9.0 and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are vulnerable to HTTP request smuggling. A remote attacker could smuggle a specially crafted request to the application server thereby allowing the attacker to bypass security...

9.1CVSS0.00338EPSS

NVD•added 6 days ago•9 views

CVE-2026-8858

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to remote code execution and denial of service in the WebSphere Web Server Plug-in component. This vulnerability can be exploited when an attacker impersonates the application server and sends crafted...

8.8CVSS0.0026EPSS

NVD•added 6 days ago•5 views

CVE-2026-10845

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to bypass authentication and gain unauthorized access to JAX-WS applications...

7.3CVSS0.00337EPSS