PH71454:IBM WEBSPHERE APPLICATION SERVER IS AFFECTED BY A REMOTE CODE EXECUTION VULNERABILITY (CVE-2026-9319)

Download

Downloadable File

File link	File size	File description

Abstract

IBM WEBSPHERE APPLICATION SERVER IS AFFECTED BY A REMOTE CODE EXECUTION VULNERABILITY (CVE-2026-9319)

Download Description

The fix for this APAR is targeted for inclusion in 8.5.5.30 and 9.0.5.29.

For more information, see: Recommended Updates for WebSphere Application Server

Download Package

IMPORTANT NOTE:	WebSphere Application Server and Liberty fix access requires S&S Entitlement beginning in 2021. Use properly registered IDs to download the fixes in this table. Signature file is provided along with interim fix. See Verifying WebSphere Application Server release packages and Verifying Liberty release packages.

IBM Installation Manager packages

DOWNLOAD	RELEASE DATE	URL
9.0.5.20-WS-WAS-IFPH71454 (applies to 9.0.5.20-9.0.5.27)	01 Jun 2026	FC
8.5.5.25-WS-WAS-IFPH71454 (applies to 8.5.5.25-8.5.5.29)	01 Jun 2026	FC

Note: FC stands for Fix Central. Review the What is Fix Central (FC)? FAQs for more details.

Problems Solved

PH71454

Change History

Describe range for fixes.

Technical Support

Contact IBM Support at https://www.ibm.com/mysupport/ or 1-800-IBM-SERV (US only).

Document Location

Worldwide

[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"9.0.5.27;9.0.5.26;9.0.5.25;9.0.5.24;9.0.5.23;9.0.5.22;9.0.5.21;9.0.5.20;8.5.5.29;8.5.5.28;8.5.5.27;8.5.5.26;8.5.5.25","Edition":"Base","Line of Business":{"code":"LOB77","label":"Automation Platform"}}]

Problems (APARS) fixed
PH71454

Was this topic helpful?

Document Information

Modified date:
01 June 2026

UID

ibm17274234

Tips