COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2026-11541

CVE-2026-11541

Severity
high
Source
NVD · cve
Published
2026-06-30
CVSS
7.4
Reference
https://nvd.nist.gov/vuln/detail/CVE-2026-11541
shame 25/100

IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability.

Players implicated

IBM · vendorwebsphere application server · product

Description

IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability.

Affected FedRAMP products 5 in the catalog

ProductProviderStatusMatch
IBM Cloud for Government IBM Authorized vendor-exact · 0.90
IBM Federal HR Cloud IBM Authorized vendor-exact · 0.90
IBM Maximo and TRIRIGA on Cloud for U.S. Federal IBM Authorized vendor-exact · 0.90
MaaS360 Enterprise Mobility Management IBM Authorized vendor-exact · 0.90
SmartCloud for Government IBM Authorized vendor-exact · 0.90