CVE Catalog

CVE-2026-11595

MediumCVSS 4.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.47%

38th percentile — higher than 38% of all known CVEs

Summary

IBM WebSphere Application Server 9.0 and 8.5 contain a vulnerability that could allow a remote attacker to obtain sensitive information from the integrated help system of the administrative console.

Risk Assessment

The risk involves potential leakage of confidential data such as server configurations or credentials, which could lead to further attacks on the infrastructure.

Recommendation

It is recommended to immediately apply security patches provided by IBM for WebSphere Application Server versions 9.0 and 8.5, and restrict access to the administrative console to trusted networks only.

Original NVD description (English source)

IBM WebSphere Application Server 9.0, and 8.5 could allow a remote attacker to obtain sensitive information from the administrative console's integrated help system.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS