CVE-2026-8835 | THREATINT

Description

IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service.

PUBLISHED Reserved 2026-05-18 | Published 2026-05-26 | Updated 2026-05-26 | Assigner ibm

HIGH: 7.3CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Problem types

CWE-822 Untrusted Pointer Dereference

Product status

8.5.0 (semver)

affected

9.0 (semver)

affected

References

www.ibm.com/support/pages/node/7274065 vendor-advisory patch

cve.org (CVE-2026-8835)

nvd.nist.gov (CVE-2026-8835)

Download JSON