Skip to main content

WebSphere WebServer Plug-in CVE-2026-10852

| EUVDEUVD-2026-38346 HIGH
NULL Pointer Dereference (CWE-476)
2026-06-22 ibm GHSA-jfrh-xh86-v7pp
7.5
CVSS 3.1 · NVD
Share

Severity by source

Vendor (ibm) PRIMARY
MEDIUM
qualitative
NVD
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
vuln.today AI
5.9 MEDIUM

Network-reachable plug-in, no auth required, but AC:H reflects undisclosed triggering precondition; DoS-only impact means C:N/I:N.

3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
4.0 AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (ibm).

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
Severity Changed
Jun 30, 2026 - 18:07 NVD
MEDIUM HIGH
CVSS changed
Jun 30, 2026 - 18:07 NVD
5.9 (MEDIUM) 7.5 (HIGH)
Analysis Generated
Jun 22, 2026 - 20:17 vuln.today

DescriptionNVD

IBM i 7.6, 7.5, 7.4, and 7.3, IBM WebSphere Application Server, and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server.

AnalysisAI

Denial of service in the IBM WebSphere WebServer Plug-in component affects IBM i 7.3 through 7.6, IBM WebSphere Application Server, and IBM WebSphere Application Server Liberty via a NULL pointer dereference (CWE-476) triggered by crafted HTTP requests. The CVSS vector (AV:N/AC:H/PR:N/UI:N) confirms remote unauthenticated exploitation, though high attack complexity limits opportunistic mass exploitation. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Identify internet-accessible WebSphere WebServer Plug-in endpoint
Delivery
Craft malformed HTTP request matching high-complexity trigger condition
Exploit
Send request to web server plug-in listener
Execution
Null pointer dereference occurs in plug-in request-parsing logic
Persist
Plug-in or web server process crashes
Impact
Application unavailable until service restart

Vulnerability AssessmentAI

Exploitation The WebSphere WebServer Plug-in must be deployed and actively handling requests - this component is present when WebSphere Application Server is configured to front behind a separate web server (IBM HTTP Server, Apache, or IIS) rather than serving requests directly. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 base score of 5.9 (Medium) reflects a meaningful but contextually bounded risk. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An unauthenticated remote attacker identifies a host running IBM i or WebSphere Application Server with the WebSphere WebServer Plug-in exposed on a network-accessible port. The attacker sends a sequence of specially crafted HTTP requests designed to trigger an abnormal internal state in the plug-in's request-parsing code, causing a null pointer dereference. …
Remediation A vendor-released patch is available per IBM's advisory at https://www.ibm.com/support/pages/node/7277344. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-10852 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy