Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
CVE-2026-8633: IBM WebSphere Plug-ins: Remote Code Execution Risk
CVE-2026-8633
Summary
IBM WebSphere Application Server and WebSphere Liberty plug-ins have a security weakness that allows hackers to potentially run unauthorized code on your server. This could lead to data theft, disruption of services, or even complete server takeover. Update your plug-ins to the latest version to fix this issue.
Original title
IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to remote code execu...
Original description
IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to remote code execution in the Web Server Plug-ins, through a specially crafted request.
nvd CVSS3.1
9.8
Vulnerability type
CWE-94
Code Injection
Published: 26 May 2026 · Updated: 30 May 2026 · First seen: 26 May 2026