IBM WebSphere Application Server is affected by a remote code execution vulnerability (CVE-2026-9319)

Authors: Created by IBM

IBM WebSphere Application Server is affected by a remote code execution vulnerability when using JAX-WS endpoints with WS-Security. CVEID: CVE-2026-9319 ^[1]
DESCRIPTION: IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrusted data via JAX-WS endpoints with WS-Security.
CWE: CWE-502:Deserialization of Untrusted Data ^[2]
...

Just published by IBM: Read more