CVE-2026-8835
Received Received - Intake
IBM HTTP Server Invalid Pointer Dereference Vulnerability

Publication date: 2026-05-26

Last updated on: 2026-05-26

Assigner: IBM Corporation

Description
IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-26
Last Modified
2026-05-26
Generated
2026-05-26
AI Q&A
2026-05-26
EPSS Evaluated
N/A
NVD
CVE-2026-8835
EUVD
EUVD-2026-31918
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
ibm http_server 8.5
ibm http_server 9.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-822 The product obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

IBM HTTP Server versions 8.5 and 9.0 have a vulnerability related to invalid pointer dereference. This means that a privileged user who is authenticated to the Administration Server can exploit this flaw.

Exploiting this vulnerability could allow the attacker to expose sensitive information or cause a denial of service condition.


How can this vulnerability impact me? :

If exploited, this vulnerability can lead to exposure of sensitive information, which could compromise confidentiality.

Additionally, it can cause a denial of service, making the IBM HTTP Server unavailable or unstable.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart