695 matches found
IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.8 (7278572)
The version of IBM WebSphere Application Server Liberty running on the remote host is affected by a vulnerability as referenced in the 7278572 advisory. - IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the...
CVE-2026-11541 IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by HTTP request smuggling
IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability...
CVE-2026-11714
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the apiDiscovery-1.0 feature enabled...
CVE-2026-11806
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 is affected by an arbitrary file read vulnerability with the restConnector-2.0 feature enabled...
EUVD-2026-40399
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the adminCenter-1.0 feature enabled...
CVE-2026-11546 IBM WebSphere Application Server Liberty is affected by a server-side request forgery vulnerability
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the adminCenter-1.0 feature enabled...
EUVD-2026-40395
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the apiDiscovery-1.0 feature enabled...
CVE-2026-11714
IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.7 are affected by a server-side request forgery (SSRF) vulnerability in the apiDiscovery-1.0 feature. The issue is identified as CVE-2026-11714; IBM’s bulletin reports CVSS v3.1 base score 8.5 (PR:L, S:C, C:H/I:L/A:N). The ...
EUVD-2026-40394
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 is affected by an arbitrary file read vulnerability with the restConnector-2.0 feature enabled...
CVE-2026-11806 IBM WebSphere Application Server Liberty is affected by a an arbitrary file read vulnerability
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 is affected by an arbitrary file read vulnerability with the restConnector-2.0 feature enabled...
Security Bulletin: IBM WebSphere Application Server Liberty is affected by an authorization bypass vulnerability (CVE-2026-11714)
Summary IBM WebSphere Application Server Liberty is affected by an authorization bypass vulnerability with the apiDiscovery-1.0 feature enabled. Vulnerability Details CVEID:CVE-2026-11714 DESCRIPTION: IBM WebSphere Application Server Liberty is affected by a server-side request forgery...
Security Bulletin: IBM WebSphere Application Server Liberty is affected by a server-side request forgery vulnerability (CVE-2026-11546)
Summary IBM WebSphere Application Server Liberty is affected by a server-side request forgery vulnerability with the adminCenter-1.0 feature enabled. Vulnerability Details CVEID:CVE-2026-11546 DESCRIPTION: IBM WebSphere Application Server Liberty is affected by a server-side request forgery...
PT-2026-53965
Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server - Liberty versions 17.0.0.3 through 26.0.0.6 Description An arbitrary file read issue exists when the restConnector-2.0 feature is enabled. This allows an attacker to read files from the system that they should...
PT-2026-53960
Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server - Liberty versions 17.0.0.3 through 26.0.0.7 Description A server-side request forgery SSRF issue exists when the adminCenter-1.0 feature is enabled. SSRF is a flaw that allows an attacker to induce the...
PT-2026-53964
Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server - Liberty versions 17.0.0.3 through 26.0.0.7 Description A server-side request forgery SSRF issue exists when the apiDiscovery-1.0 feature is enabled. SSRF is a flaw that allows an attacker to induce the...
Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled IBM WebSphere Remote Server, are affected by HTTP request smuggling (CVE-2026-11541)
Summary IBM WebSphere Application Server and WebSphere Application Server Liberty is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server and WebSphere Application Server Liberty has been published in a security bulletin...
Security Bulletin: IBM Engineering Lifecycle Management products using WebSphere Application Server Liberty is affected by a prototype pollution vulnerability due to immutable (CVE-2026-29063)
Summary There is a vulnerability in the immutable library which affects IBM WebSphere Application Server Liberty with the openapi-3.0, openapi-3.1, mpOpenAPI-1.0, mpOpenAPI-1.1, mpOpenAPI-2.0, mpOpenAPI-3.0 mpOpenAPI-3.1, mpOpenAPI-4.0 or mpOpenAPI-4.1 feature enabled. Following IBM Engineering...
Security Bulletin: Multiple Vulnerabilities in WebSphere Application Server Liberty affect IBM Cloud Pak System [CVE-2024-56339. CVE-2023-50314]
Summary Vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Cloud Pak System. Vulnerability Details CVEID:CVE-2024-56339 DESCRIPTION: IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 could allow a remote attacker to bypass...
Security Bulletin: Vulnerabilities found in Watson Data Intelligence
Summary Multiple Vulnerabilities were addressed in Watson Data Intelligence version 5.3.1-patch3. Vulnerability Details CVEID:CVE-2025-14917 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expecte...
Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by HTTP request smuggling (CVE-2026-11541)
Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by remote code execution and HTTP request smuggling. Vulnerability Details CVEID:CVE-2026-11541 DESCRIPTION: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by an...