Vulnerability Details CVE-2026-9072
IBM i 7.6, 7.5, 7.4, and 7.3, IBM WebSphere Application Server, and IBM WebSphere Application Server Liberty - when using Intelligent Management with the WebSphere WebServer Plug-in component - are vulnerable to remote code execution and denial of service. This vulnerability can be exploited when an attacker impersonates backend servers and sends crafted responses to the plug-in.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 29.9%
CVSS Severity
CVSS v3 Score 8.1