CVE-2026-9319

Published: Giu 01, 2026 Last Modified: Giu 01, 2026

ExploitDB:

Other exploit source:

Google Dorks:

CRITICAL 9,0

Source: [email protected]

Attack Vector: network

Attack Complexity: high

Privileges Required: none

User Interaction: none

Scope: changed

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrusted data via JAX-WS endpoints with WS-Security.

502

Deserialization of Untrusted Data

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Availability Other

Potential Impacts:

Modify Application Data Unexpected State Dos: Resource Consumption (Cpu) Varies By Context

Applicable Platforms

Languages: Java, Ruby, PHP, Python, JavaScript

Technologies: Not Technology-Specific, ICS/OT, AI/ML

Likelihood of Exploit: Medium

View CWE Details

https://www.ibm.com/support/pages/node/7274738

CVE-2026-9319

Description

Deserialization of Untrusted Data

Common Consequences

Applicable Platforms

Iscriviti alla newsletter