CVE-2026-8644
published 2026-06-01CVE-2026-8644: IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing.
critical9.1CVSS 3.1
AVNACLPRNUINSUCNIHAH
IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bagisto | bagisto | >= 0 < 2.3.10 | 2.3.10 |
| ibm | websphere_application_server | — | — |
| ibm | websphere_application_server | 9.0 – 1.1.9.12 | — |