CVE Catalog

CVE-2026-8855

High
Published: Translated: NVD NIST

Summary

IBM HTTP Server versions 8.5 and 9.0 are vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication (client authentication).

Risk Assessment

This vulnerability could lead to serious security incidents, including unauthorized access to systems and disruption of service availability.

Recommendation

It is recommended to update IBM HTTP Server to the latest version that addresses this vulnerability and review TLS configurations to ensure security.

Original NVD description (English source)

IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication (client authentication).

Vulnerability data from NVD (NIST) · CISA KEV · EPSS