CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-8855

IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication (client authentication).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.4%

CVSS Severity

CVSS v3 Score 8.1

References

https://www.ibm.com/support/pages/node/7274065

Products affected by CVE-2026-8855

Ibm » Http Server » Version: 8.5.0.0

cpe:2.3:a:ibm:http_server:8.5.0.0
Ibm » Http Server » Version: 8.5.5.23

cpe:2.3:a:ibm:http_server:8.5.5.23
Ibm » Http Server » Version: 8.5.5.24

cpe:2.3:a:ibm:http_server:8.5.5.24
Ibm » Http Server » Version: 8.5.5.6

cpe:2.3:a:ibm:http_server:8.5.5.6
Ibm » Http Server » Version: 8.5.5.7

cpe:2.3:a:ibm:http_server:8.5.5.7
Ibm » Http Server » Version: 9.0.0.0

cpe:2.3:a:ibm:http_server:9.0.0.0
Ibm » Http Server » Version: 9.0.5.15

cpe:2.3:a:ibm:http_server:9.0.5.15
Ibm » Http Server » Version: 9.0.5.16

cpe:2.3:a:ibm:http_server:9.0.5.16
Ibm » Aix » Version: N/A

cpe:2.3:o:ibm:aix:-
Ibm » Z/os » Version: N/A

cpe:2.3:o:ibm:z/os:-
Linux » Linux Kernel » Version: N/A

cpe:2.3:o:linux:linux_kernel:-
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-8855

Products

Pricing

Contact Us