Ibm Http Server
9 CVEs affecting Ibm Http Server. Latest disclosed: 2026-05-26. Critical: 1, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-9170 | Critical | 9.8 | 2026-05-26 | IBM HTTP Server 8.5, and 9.0 |
CVE-2026-8855 | High | 8.1 | 2026-05-26 | IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication (client authenticati… |
CVE-2026-8834 | High | 8.0 | 2026-05-26 | IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulner… |
CVE-2026-8856 | High | 7.7 | 2026-05-26 | IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration. |
CVE-2026-8854 | High | 7.5 | 2026-05-26 | IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_mem_cache. |
CVE-2026-8850 | High | 7.5 | 2026-05-26 | IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_ibm_upload. |
CVE-2026-8835 | High | 7.3 | 2026-05-26 | IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vu… |
CVE-2026-8852 | Medium | 6.2 | 2026-05-26 | IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_fastcgi module. |
CVE-2023-26281 | Medium | 5.9 | 2023-02-28 | IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force… |