COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2026-11714

CVE-2026-11714

Severity
high
Source
NVD · cve
Published
2026-06-30
CVSS
8.5
Reference
https://nvd.nist.gov/vuln/detail/CVE-2026-11714
shame 25/100

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the apiDiscovery-1.0 feature enabled.

Players implicated

IBM · vendorwebsphere application server · product

Description

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the apiDiscovery-1.0 feature enabled.

Affected FedRAMP products 5 in the catalog

ProductProviderStatusMatch
IBM Cloud for Government IBM Authorized vendor-exact · 0.90
IBM Federal HR Cloud IBM Authorized vendor-exact · 0.90
IBM Maximo and TRIRIGA on Cloud for U.S. Federal IBM Authorized vendor-exact · 0.90
MaaS360 Enterprise Mobility Management IBM Authorized vendor-exact · 0.90
SmartCloud for Government IBM Authorized vendor-exact · 0.90