CVE-2026-8856
IBM HTTP Server Configuration Denial of Service
Publication date: 2026-05-26
Last updated on: 2026-05-26
Assigner: IBM Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ibm | http_server | 8.5 |
| ibm | http_server | 9.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-400 | The product does not properly control the allocation and maintenance of a limited resource. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects IBM HTTP Server versions 8.5 and 9.0. It is a denial of service (DoS) issue that occurs when an attacker has write access to certain parts of the server configuration. By exploiting this access, the attacker can cause the server to become unavailable or disrupted.
How can this vulnerability impact me? :
The impact of this vulnerability is a denial of service condition, meaning that the IBM HTTP Server could be made unavailable or disrupted by an attacker who has write access to parts of the server configuration. This could lead to service interruptions and potentially affect the availability of applications or websites hosted on the server.