CVE Database · CVE-2026-4410
CVSS v3.1
4.8
EPSS
0.50%
Published
May 27, 2026
Modified
May 27, 2026
Public PoC / Exploit
All weaponized →No public PoC or exploit code indexed for this CVE.
Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
IBM WebSphere Application Server - Liberty 19.0.0.7 through 26.0.0.5 and IBM WebSphere Application Server 9.0, and 8.5 and WebSphere Application Server Liberty are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.
CVSS Vector
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HWeaknesses (CWE)
References (1)