CVE-2026-9072

HIGH NVD

CVSS Score 8.1

Severity HIGH

Published Jun 22, 2026

Vendor unknown

Description

IBM i 7.6, 7.5, 7.4, and 7.3, IBM WebSphere Application Server, and IBM WebSphere Application Server Liberty - when using Intelligent Management with the WebSphere WebServer Plug-in component - are vulnerable to remote code execution and denial of service. This vulnerability can be exploited when an attacker impersonates backend servers and sends crafted responses to the plug-in.

References

https://www.ibm.com/support/pages/node/7277344