CVE-2026-9311

CVSS Score & Metrics

Base Score

9.0 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H                                    

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls.

Published Date

June 01, 2026

Last Modified

June 04, 2026

CWE ID

CWE-94

Source

NVD

Vendor

ibm

Product

websphere_application_server