CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-11806

highCVSS 7.2covered by 3 sourcesfirst seen 2026-06-30
An attacker can exploit multiple vulnerabilities in IBM WebSphere Application Server Liberty and IBM WebSphere Application Server to manipulate files, conduct a Cross-Site Scripting attack, execute arbitrary code, disclose information, and perform a Denial of Service attack.

CSIRTS triage

What
An attacker can exploit multiple vulnerabilities in IBM WebSphere Application Server and Application Server Liberty to manipulate files and execute arbitrary code.
Who is affected
Deployments of IBM WebSphere Application Server and Application Server Liberty are affected.
Urgency
Remediation is urgent due to the high severity and potential for arbitrary code execution.
Action
Apply the latest patches for IBM WebSphere Application Server and Application Server Liberty.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-11806

Get an email if CVE-2026-11806 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (3)

External references

NVD record for CVE-2026-11806

CVE.org record

Embed the live status

CVE-2026-11806 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-11806 status](https://www.csirts.com/badge/CVE-2026-11806)](https://www.csirts.com/cve/CVE-2026-11806)