IBM WebSphere Application Server has three critical vulnerabilities identified as CVE-2026-11712, CVE-2026-11708, and CVE-2026-11595, with the highest severity rating of 9.3 for some. The vulnerabilities primarily involve cross-site scripting (XSS) and path traversal issues. Despite no confirmed exploitation so far, administrators are urged to apply interim fixes immediately to prevent potential attacks that could compromise sensitive information or allow unauthorized access. Affected versions include WebSphere 9.0 and 8.5. Mitigation involves installing specific interim fixes or upgrade packs.
IBM patches three critical WebSphere flaws, urges urgent fixes
CyberSIXT Evidence Panel
Article by CyberSIXT