IBM Support

PH71916:IBM WebSphere Application Server Liberty is affected by a security bypass vulnerability (CVE-2026-10842)

Download


Downloadable File

File linkFile sizeFile description
   
   
   
   
   

Abstract

IBM WebSphere Application Server Liberty is affected by a security bypass vulnerability (CVE-2026-10842)

Download Description

The fix for this APAR is targeted for inclusion in 26.0.0.8.

IFPH71916 supersedes (includes) the fixes for PH70798 and PH70352 where applicable.

For more information, see: Recommended Updates for WebSphere Application Server

Download Package

IMPORTANT NOTE:
WebSphere Application Server and Liberty fix access requires S&S Entitlement beginning in 2021. Use properly registered IDs to download the fixes in this table.  

Signature file is provided along with interim fix. See Verifying WebSphere Application Server release packages and Verifying Liberty release packages. 
 

IBM Installation Manager packages

DOWNLOADRELEASE DATE

URL

26.0.0.7-WS-WLP-IFPH7191615 July 2026FC
26.0.0.6-WS-WLP-IFPH7191615 July 2026FC
26.0.0.5-WS-WLP-IFPH7191615 July 2026FC
26.0.0.3-WS-WLP-IFPH7191615 July 2026FC

Archive packages (no IM)

DOWNLOADRELEASE DATE

URL

26007-wlp-archive-IFPH7191615 July 2026FC
26006-wlp-archive-IFPH7191615 July 2026FC
26005-wlp-archive-IFPH7191615 July 2026FC
26003-wlp-archive-IFPH7191615 July 2026FC
Note: FC stands for Fix Central. Review the What is Fix Central (FC)? FAQs for more details.

Problems Solved

PH71916, PH70352, PH70798, PH71989

Change History

  • July 15 2026: Initial Publish
  • July 15 2026 (19:45:00 UTC): Add 26.0.0.7 which was present on Fix Central but not in this document

On

Technical Support

Contact IBM Support at https://www.ibm.com/mysupport/ or 1-800-IBM-SERV (US only).

Document Location

Worldwide

[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF017","label":"Mac OS"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"26.0.0.3;26.0.0.5;26.0.0.6","Edition":"Base","Line of Business":{"code":"LOB77","label":"Automation Platform"}}]

Problems (APARS) fixed
PH71916, PH70352, PH70798, PH71989

Document Information

Modified date:
15 July 2026

UID

ibm17280086