CVE-2026-11595
MediumCVSS 4.3Exploitation Probability (EPSS)
Low risk38th percentile — higher than 38% of all known CVEs
Summary
IBM WebSphere Application Server 9.0 and 8.5 contain a vulnerability that could allow a remote attacker to obtain sensitive information from the integrated help system of the administrative console.
Risk Assessment
The risk involves potential leakage of confidential data such as server configurations or credentials, which could lead to further attacks on the infrastructure.
Recommendation
It is recommended to immediately apply security patches provided by IBM for WebSphere Application Server versions 9.0 and 8.5, and restrict access to the administrative console to trusted networks only.
Original NVD description (English source)
IBM WebSphere Application Server 9.0, and 8.5 could allow a remote attacker to obtain sensitive information from the administrative console's integrated help system.

