CVE-2026-9006

HIGH NVD

CVSS Score 7.4

Severity HIGH

Published Jun 22, 2026

Vendor unknown

Description

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to server-side request forgery (SSRF) with the Ajax Proxy configured. This may allow an attacker to send unauthorized requests from the system, resulting in a security bypass or information disclosure.

References

https://www.ibm.com/support/pages/node/7276600