IBM WebSphere Application Server Liberty is affected by server-side request forgery (CVE-2026-1561)

Authors: Created by IBM

IBM WebSphere Application Server Liberty is affected by server-side request forgery with the samlWeb-2.0 feature enabled. CVEID: CVE-2026-1561 ^[1]
DESCRIPTION: IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery (SSRF).This may allow remote attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
CWE: CWE-918:Server-Side Request Forgery (SSRF)...

Just published by IBM: Read more