CVE-2026-5516 | THREATINT

Description

IBM WebSphere Application Server - Liberty 22.0.0.11 through 26.0.0.5 IBM WebSphere Application Server Liberty could allow a remote attacker to bypass security under limited conditions by exploiting a specific timing window.

PUBLISHED Reserved 2026-04-03 | Published 2026-05-27 | Updated 2026-05-27 | Assigner ibm

MEDIUM: 4.4CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

Product status

22.0.0.11 (semver)

affected

References

www.ibm.com/support/pages/node/7273425 vendor-advisory patch

cve.org (CVE-2026-5516)

nvd.nist.gov (CVE-2026-5516)

Download JSON