CVE-2026-9311

CRITICAL

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls.

CVSS v3.1 Score

9.0
CRITICAL
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector
NETWORK
Complexity
HIGH
Privileges
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH
Published: 6/1/2026Modified: 6/2/2026

Related Intelligence (1)

CRITICALVulnerability

NVD CRITICAL: CVE-2026-9311 — IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execu...

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls.

CVE-2026-9311
NIST NVD

References (1)

https://www.ibm.com/support/pages/node/7274733