CVE-2026-9330
Analyzed Analyzed - Analysis Complete
Improper Deserialization in IBM WebSphere Application Server

Publication date: 2026-06-01

Last updated on: 2026-06-04

Assigner: IBM Corporation

Description
IBM WebSphere Application Server 9.0, and 8.5 is affected by an improper validation of user-supplied data during deserialization using the SAML Web Single Sign-On component. This could result in remote code execution via a crafted HTTP request when combined with a suitable gadget chain.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-01
Last Modified
2026-06-04
Generated
2026-06-22
AI Q&A
2026-06-01
EPSS Evaluated
2026-06-20
NVD
CVE-2026-9330
EUVD
EUVD-2026-33740
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
ibm websphere_application_server From 8.5.0.0 (inc) to 8.5.5.30 (exc)
ibm websphere_application_server From 9.0.0.0 (inc) to 9.0.5.29 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-502 The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Mitigation Strategies

IBM recommends applying interim fixes or upgrading to specific fix packs to address the vulnerability in IBM WebSphere Application Server versions 9.0 and 8.5.

  • For version 9.0.0.0 through 9.0.5.28, either upgrade to the required fix pack levels and apply the interim fix for APAR PH71453 or apply Fix Pack 9.0.5.29 or later.
  • For version 8.5.0.0 through 8.5.5.29, upgrade to the required fix pack levels and apply the interim fix or apply Fix Pack 8.5.5.30 or later.

No workarounds or mitigations are currently available.

Executive Summary

This vulnerability affects IBM WebSphere Application Server versions 9.0 and 8.5. It involves improper validation of user-supplied data during deserialization in the SAML Web Single Sign-On component. An attacker can exploit this by sending a specially crafted HTTP request that, when combined with a suitable gadget chain, could lead to remote code execution.

Impact Analysis

The vulnerability can allow an attacker to execute arbitrary code remotely on the affected system. This means the attacker could potentially take control of the server running IBM WebSphere Application Server, leading to data breaches, service disruption, or further attacks within the network.

Compliance Impact

The provided information does not specify how the vulnerability in IBM WebSphere Application Server impacts compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-9330. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart