IBM WebSphere Application Server Liberty is affected by a security bypass vulnerability (CVE-2026-5516)

Authors: Created by IBM

IBM WebSphere Application Server Liberty is affected by a security bypass vulnerability with the appSecurity-3.0, appSecurity-4.0 or appSecurity-5.0 feature enabled. CVEID: CVE-2026-5516 ^[1]
DESCRIPTION: IBM WebSphere Application Server Liberty could allow a remote attacker to bypass security under limited conditions by exploiting a specific timing window.
CVSS Source: IBM
CVSS Base score: ...

Just published by IBM: Read more