securityonline.info 7/6/2026, 2:32:16 AM · external

IBM patches three critical WebSphere flaws, urges urgent fixes

IBM patches three critical WebSphere flaws, urges urgent fixes
CyberSIXT Evidence Panel
Primary Source ibm.com
CISA KEV Not in KEV
Patch Patch Available

IBM WebSphere Application Server has three critical vulnerabilities identified as CVE-2026-11712, CVE-2026-11708, and CVE-2026-11595, with the highest severity rating of 9.3 for some. The vulnerabilities primarily involve cross-site scripting (XSS) and path traversal issues. Despite no confirmed exploitation so far, administrators are urged to apply interim fixes immediately to prevent potential attacks that could compromise sensitive information or allow unauthorized access. Affected versions include WebSphere 9.0 and 8.5. Mitigation involves installing specific interim fixes or upgrade packs.

View Primary Source Via securityonline.info

Article by CyberSIXT