CVE-2026-8633
published 2026-05-26CVE-2026-8633: IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to remote code execution in the Web Server Plug-ins, through a specially crafted request.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | web_server_plug-ins_for_websphere_application_server_and_websphere_liberty | — | — |
| ibm | websphere_application_server | 8.5.0.0 – 8.5.5.29 | — |
| ibm | websphere_application_server | 9.0.0.0 – 9.0.5.27 | — |