Download
Downloadable File
| File link | File size | File description |
|---|---|---|
Abstract
IBM WebSphere Application Server Liberty is affected by HTTP request smuggling (CVE-2026-11541)
Download Description
The fix for this APAR is targeted for inclusion in 26.0.0.7.
For more information, see: Recommended Updates for WebSphere Application Server
This fix supersedes (includes) PH68817 and PH71631 where applicable.
Download Package
IMPORTANT NOTE: | WebSphere Application Server and Liberty fix access requires S&S Entitlement beginning in 2021. Use properly registered IDs to download the fixes in this table. Signature file is provided along with interim fix. See Verifying WebSphere Application Server release packages and Verifying Liberty release packages. |
IBM Installation Manager packages
| DOWNLOAD | RELEASE DATE | URL |
|---|---|---|
| 26.0.0.6-WS-WLP-IFPH71808 | 23 June 2026 | FC |
| 26.0.0.3-WS-WLP-IFPH71808 | 23 June 2026 | FC |
| 25.0.0.12-WS-WLP-IFPH71808 | 23 June 2026 | FC |
| 25.0.0.9-WS-WLP-IFPH71808 | 23 June 2026 | FC |
Archive packages (no IM)
| DOWNLOAD | RELEASE DATE | URL |
|---|---|---|
| 26006-wlp-archive-IFPH71808 | 23 June 2026 | FC |
| 26003-wlp-archive-IFPH71808 | 23 June 2026 | FC |
| 250012-wlp-archive-IFPH71808 | 23 June 2026 | FC |
| 25009-wlp-archive-IFPH71808 | 23 June 2026 | FC |
Problems Solved
PH71808, PH68817, PH71631
Technical Support
Contact IBM Support at https://www.ibm.com/mysupport/ or 1-800-IBM-SERV (US only).
Document Location
Worldwide
Problems (APARS) fixed
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
23 June 2026
UID
ibm17277460