CVE-2026-9170

CVE-2026-9170: IBM HTTP Server is affected by multiple vulnerabilities

Vendor Ibm
Product HTTP Server
Weakness CWE-94 · Code injection
Published May 26, 2026
Last update June 11, 2026

CVSS base score

What the vulnerability does

01Description

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service and a potential remote code execution due to improper input validation.

Key dates

02Disclosure timeline

May 26, 2026 CVE published
June 11, 2026 Record updated