IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings.

Description

Affected Products

Vendor	Product	Versions
ibm	websphere_application_server	< 26.0.0.4

References

https://www.ibm.com/support/pages/node/7267362(Vendor Advisory)

Related News (1 articles)

Tier D

CSO Online3d ago

Seven IBM WebSphere Liberty flaws can be chained into full takeover

→ No new info (linked only)

CVSS 3.16.7 MEDIUM

VectorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited❌ No

Patch available

26.0.0.4

CWECWE-1393

PublishedMar 25, 2026

Last enriched14d ago

Trending Score14

Source articles1

Independent1

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

MEDIUMCVE-2025-14923

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could provide weaker than expected security when using the Security Utility when administe

Trending: 22

MEDIUMCVE-2026-1561

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery (SSRF). This may allow remote attacker to sen

Trending: 22

HIGHCVE-2025-14914

IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a privileged user to upload a zip archive containing path traversal sequences resulting in an overwrite of files leading

Trending: 17

HIGHCVE-2026-1343EXP

Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access

Trending: 15

HIGHCVE-2026-3357EXP

IBM Langflow Desktop FAISS Vector Store Remote Code Execution via malicious Pickle file

Trending: 14

Pin to Dashboard

Verification

State: verified

Confidence: 100%

Vulnerability Timeline

CVE Published

Mar 25, 2026

Patch Available

Mar 30, 2026

Discovered by ZDM

Apr 1, 2026