CVE-2026-8835

Summary

IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service.

Affected Software

VendorProductVersion RangeStatus
IBMHTTP Server8.5.0 <= Interim Fix 002affected
IBMHTTP Server9.0affected

Weaknesses

  • CWE-822: CWE-822 Untrusted Pointer Dereference

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References