CVE-2026-11541 (GCVE-0-2026-11541)
Vulnerability from cvelistv5 – Published: 2026-06-30 20:56 – Updated: 2026-07-01 14:52
VLAI
EPSS
VEX
Title
IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by HTTP request smuggling
Summary
IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability.
Severity
7.4 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7277550 | vendor-advisorypatch |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | WebSphere Application Server |
Affected:
9.0
Affected: 8.5 cpe:2.3:a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:websphere_application_server:9.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:* cpe:2.3:a:ibm:websphere_application_server:8.5.0:*:*:*:*:*:*:* |
|
| IBM | WebSphere Application Server - Liberty |
Affected:
17.0.0.3 , ≤ 26.0.0.6
(semver)
cpe:2.3:a:ibm:websphere_application_server___liberty:17.0.0.3:*:*:*:*:*:*:* cpe:2.3:a:ibm:websphere_application_server___liberty:26.0.0.6:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-11541",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T14:52:04.153923Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T14:52:15.909Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:websphere_application_server:9.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:websphere_application_server:8.5.0:*:*:*:*:*:*:*"
],
"product": "WebSphere Application Server",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "8.5"
}
]
},
{
"cpes": [
"cpe:2.3:a:ibm:websphere_application_server___liberty:17.0.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:websphere_application_server___liberty:26.0.0.6:*:*:*:*:*:*:*"
],
"product": "WebSphere Application Server - Liberty",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "26.0.0.6",
"status": "affected",
"version": "17.0.0.3",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability.\u003c/p\u003e"
}
],
"value": "IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T20:56:04.135Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7277550"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by applying a currently available interim fix or fix pack that contains the fix for APAR PH71808 and PH71706.\u0026nbsp;\u003c/p\u003e\u003cdiv\u003e\u003cp\u003e\u003cstrong\u003eFor IBM WebSphere Application Server Liberty 17.0.0.3 - 26.0.0.6:\u003c/strong\u003e\u003c/p\u003e\u003cp\u003e\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves \u003ca href=\"https://www.ibm.com/support/pages/node/7277460\" rel=\"nofollow\"\u003ePH71808\u003c/a\u003e\u003cbr\u003e--OR--\u003cbr\u003e\u00b7 Apply Fix Pack 26.0.0.7 or later (targeted availability 3Q2026).\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eFor IBM WebSphere Application Server traditional:\u003c/strong\u003e\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eFor V9.0.0.0 through 9.0.5.28:\u003c/strong\u003e\u003cbr\u003e\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves \u003ca href=\"https://www.ibm.com/support/pages/node/7277463\" rel=\"nofollow\"\u003ePH71706\u003c/a\u003e\u003cbr\u003e--OR--\u003cbr\u003e\u00b7 Apply Fix Pack 9.0.5.29 or later (targeted availability 3Q2026).\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eFor V8.5.0.0 through 8.5.5.30:\u003c/strong\u003e\u003cbr\u003e\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves \u003ca href=\"https://www.ibm.com/support/pages/node/7277463\" rel=\"nofollow\"\u003ePH71706\u003c/a\u003e\u003cbr\u003e--OR--\u003cbr\u003e\u00b7 Apply Fix Pack 8.5.5.31 or later (targeted availability 3Q2026).\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e\u003cp\u003eAdditional interim fixes may be available and linked off the interim fix download page.\u003c/p\u003e"
}
],
"value": "IBM strongly recommends addressing the vulnerability now by applying a currently available interim fix or fix pack that contains the fix for APAR PH71808 and PH71706.\u00a0\n\n\n\nFor IBM WebSphere Application Server Liberty 17.0.0.3 - 26.0.0.6:\n\n\n\n\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves PH71808 https://www.ibm.com/support/pages/node/7277460 \n--OR--\n\u00b7 Apply Fix Pack 26.0.0.7 or later (targeted availability 3Q2026).\n\n\n\n\n\n\n\nFor IBM WebSphere Application Server traditional:\n\n\n\nFor V9.0.0.0 through 9.0.5.28:\n\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves PH71706 https://www.ibm.com/support/pages/node/7277463 \n--OR--\n\u00b7 Apply Fix Pack 9.0.5.29 or later (targeted availability 3Q2026).\u00a0\n\n\n\nFor V8.5.0.0 through 8.5.5.30:\n\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves PH71706 https://www.ibm.com/support/pages/node/7277463 \n--OR--\n\u00b7 Apply Fix Pack 8.5.5.31 or later (targeted availability 3Q2026).\u00a0\n\n\n\n\n\n\n\n\n\nAdditional interim fixes may be available and linked off the interim fix download page."
}
],
"title": "IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by HTTP request smuggling",
"x_generator": {
"engine": "ibm-cvegen"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2026-11541",
"datePublished": "2026-06-30T20:56:04.135Z",
"dateReserved": "2026-06-08T02:55:08.653Z",
"dateUpdated": "2026-07-01T14:52:15.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-11541",
"date": "2026-07-10",
"epss": "0.00418",
"percentile": "0.33687"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-11541\",\"sourceIdentifier\":\"psirt@us.ibm.com\",\"published\":\"2026-06-30T22:16:46.317\",\"lastModified\":\"2026-07-02T17:55:28.050\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability.\"}],\"affected\":[{\"source\":\"psirt@us.ibm.com\",\"affectedData\":[{\"vendor\":\"IBM\",\"product\":\"WebSphere Application Server\",\"cpes\":[\"cpe:2.3:a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*\",\"cpe:2.3:a:ibm:websphere_application_server:9.0.0:*:*:*:*:*:*:*\",\"cpe:2.3:a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*\",\"cpe:2.3:a:ibm:websphere_application_server:8.5.0:*:*:*:*:*:*:*\"],\"versions\":[{\"version\":\"9.0\",\"status\":\"affected\"},{\"version\":\"8.5\",\"status\":\"affected\"}]},{\"vendor\":\"IBM\",\"product\":\"WebSphere Application Server - Liberty\",\"cpes\":[\"cpe:2.3:a:ibm:websphere_application_server___liberty:17.0.0.3:*:*:*:*:*:*:*\",\"cpe:2.3:a:ibm:websphere_application_server___liberty:26.0.0.6:*:*:*:*:*:*:*\"],\"versions\":[{\"version\":\"17.0.0.3\",\"lessThanOrEqual\":\"26.0.0.6\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@us.ibm.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":7.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":5.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-07-01T14:52:04.153923Z\",\"id\":\"CVE-2026-11541\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"total\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"psirt@us.ibm.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-444\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:traditional:*:*:*\",\"versionStartIncluding\":\"8.5.0.0\",\"versionEndExcluding\":\"8.5.5.31\",\"matchCriteriaId\":\"D0F3A34A-A76C-4929-A3A4-B17271E8B193\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:traditional:*:*:*\",\"versionStartIncluding\":\"9.0.0.0\",\"versionEndExcluding\":\"9.0.5.29\",\"matchCriteriaId\":\"2A4B3C11-FDA8-48D6-997F-48EEA8C3CB2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:liberty:*:*:*\",\"versionStartIncluding\":\"17.0.0.3\",\"versionEndIncluding\":\"26.0.0.6\",\"matchCriteriaId\":\"A7115371-D210-4CA1-82E8-36A2B966255A\"}]}]}],\"references\":[{\"url\":\"https://www.ibm.com/support/pages/node/7277550\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-11541\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-07-01T14:52:04.153923Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-07-01T14:52:11.835Z\"}}], \"cna\": {\"title\": \"IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by HTTP request smuggling\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:ibm:websphere_application_server:9.0.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*\", \"cpe:2.3:a:ibm:websphere_application_server:8.5.0:*:*:*:*:*:*:*\"], \"vendor\": \"IBM\", \"product\": \"WebSphere Application Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"9.0\"}, {\"status\": \"affected\", \"version\": \"8.5\"}]}, {\"cpes\": [\"cpe:2.3:a:ibm:websphere_application_server___liberty:17.0.0.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:ibm:websphere_application_server___liberty:26.0.0.6:*:*:*:*:*:*:*\"], \"vendor\": \"IBM\", \"product\": \"WebSphere Application Server - Liberty\", \"versions\": [{\"status\": \"affected\", \"version\": \"17.0.0.3\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"26.0.0.6\"}]}], \"solutions\": [{\"lang\": \"en\", \"value\": \"IBM strongly recommends addressing the vulnerability now by applying a currently available interim fix or fix pack that contains the fix for APAR PH71808 and PH71706.\\u00a0\\n\\n\\n\\nFor IBM WebSphere Application Server Liberty 17.0.0.3 - 26.0.0.6:\\n\\n\\n\\n\\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves PH71808 https://www.ibm.com/support/pages/node/7277460 \\n--OR--\\n\\u00b7 Apply Fix Pack 26.0.0.7 or later (targeted availability 3Q2026).\\n\\n\\n\\n\\n\\n\\n\\nFor IBM WebSphere Application Server traditional:\\n\\n\\n\\nFor V9.0.0.0 through 9.0.5.28:\\n\\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves PH71706 https://www.ibm.com/support/pages/node/7277463 \\n--OR--\\n\\u00b7 Apply Fix Pack 9.0.5.29 or later (targeted availability 3Q2026).\\u00a0\\n\\n\\n\\nFor V8.5.0.0 through 8.5.5.30:\\n\\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves PH71706 https://www.ibm.com/support/pages/node/7277463 \\n--OR--\\n\\u00b7 Apply Fix Pack 8.5.5.31 or later (targeted availability 3Q2026).\\u00a0\\n\\n\\n\\n\\n\\n\\n\\n\\n\\nAdditional interim fixes may be available and linked off the interim fix download page.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eIBM strongly recommends addressing the vulnerability now by applying a currently available interim fix or fix pack that contains the fix for APAR PH71808 and PH71706.\u0026nbsp;\u003c/p\u003e\u003cdiv\u003e\u003cp\u003e\u003cstrong\u003eFor IBM WebSphere Application Server Liberty 17.0.0.3 - 26.0.0.6:\u003c/strong\u003e\u003c/p\u003e\u003cp\u003e\\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves \u003ca href=\\\"https://www.ibm.com/support/pages/node/7277460\\\" rel=\\\"nofollow\\\"\u003ePH71808\u003c/a\u003e\u003cbr\u003e--OR--\u003cbr\u003e\\u00b7 Apply Fix Pack 26.0.0.7 or later (targeted availability 3Q2026).\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eFor IBM WebSphere Application Server traditional:\u003c/strong\u003e\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eFor V9.0.0.0 through 9.0.5.28:\u003c/strong\u003e\u003cbr\u003e\\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves \u003ca href=\\\"https://www.ibm.com/support/pages/node/7277463\\\" rel=\\\"nofollow\\\"\u003ePH71706\u003c/a\u003e\u003cbr\u003e--OR--\u003cbr\u003e\\u00b7 Apply Fix Pack 9.0.5.29 or later (targeted availability 3Q2026).\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eFor V8.5.0.0 through 8.5.5.30:\u003c/strong\u003e\u003cbr\u003e\\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves \u003ca href=\\\"https://www.ibm.com/support/pages/node/7277463\\\" rel=\\\"nofollow\\\"\u003ePH71706\u003c/a\u003e\u003cbr\u003e--OR--\u003cbr\u003e\\u00b7 Apply Fix Pack 8.5.5.31 or later (targeted availability 3Q2026).\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e\u003cp\u003eAdditional interim fixes may be available and linked off the interim fix download page.\u003c/p\u003e\", \"base64\": false}]}], \"references\": [{\"url\": \"https://www.ibm.com/support/pages/node/7277550\", \"tags\": [\"vendor-advisory\", \"patch\"]}], \"x_generator\": {\"engine\": \"ibm-cvegen\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eIBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-444\", \"description\": \"CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"9a959283-ebb5-44b6-b705-dcc2bbced522\", \"shortName\": \"ibm\", \"dateUpdated\": \"2026-06-30T20:56:04.135Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-11541\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-01T14:52:15.909Z\", \"dateReserved\": \"2026-06-08T02:55:08.653Z\", \"assignerOrgId\": \"9a959283-ebb5-44b6-b705-dcc2bbced522\", \"datePublished\": \"2026-06-30T20:56:04.135Z\", \"assignerShortName\": \"ibm\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…