CVE Catalog

CVE-2026-10845

HighCVSS 7.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.36%

27th percentile - higher than 27% of all known CVEs

Summary

IBM WebSphere Application Server versions 8.5 and 9.0 could allow a remote attacker to bypass authentication and gain unauthorized access to JAX-WS applications.

Risk Assessment

An attacker could gain access to sensitive data and application functions, potentially leading to serious security breaches.

Recommendation

It is recommended to upgrade to the latest version of IBM WebSphere Application Server and implement additional security measures.

Original NVD description (English source)

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to bypass authentication and gain unauthorized access to JAX-WS applications.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS