Websphere application server
This hub aggregates every CVE we track for Websphere application server, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
466
CVEs tracked
48
Critical
86
High
1
In CISA KEV
Severity distribution
MEDIUM290HIGH86CRITICAL48LOW42
Monthly trend
1
2
1
3
2
0
0
0
0
1
1
1
1
5
1
0
0
1
0
2
4
1
4
9
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Websphere application server.
- CVE-2026-9320IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities5.9
- CVE-2026-9071IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by Uncontrolled Resource Consumption7.5
- CVE-2026-9006IBM WebSphere Application Server is affected by server-side request forgery7.4
- CVE-2026-8646IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities7.4
- CVE-2026-10845IBM WebSphere Application Server is affected by an authentication bypass vulnerability7.3
- CVE-2026-9330IBM WebSphere Application Server is affected by remote code execution8.5
- CVE-2026-9319IBM WebSphere Application Server is affected by a remote code execution vulnerability9.0
- CVE-2026-9311IBM WebSphere Application Server is affected by remote code execution9.0
- CVE-2026-8644IBM WebSphere Application Server is affected by an identity spoofing vulnerability9.1
- CVE-2026-5516IBM WebSphere Application Server Liberty is affected by a security bypass vulnerability4.4
- CVE-2026-4410IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by a denial of service4.8
- CVE-2026-8633IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities when using when using Web Server Plug-ins9.8
- CVE-2026-8620IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities when using when using Web Server Plug-ins7.5
- CVE-2026-3621IBM WebSphere Application Server Liberty is affected by identity spoofing7.5
- CVE-2025-14917IBM WebSphere Application Server Liberty could provide weaker than expected security6.7
Product normalization is registry-driven with AI assist and human review. How it works