Vulnerabilities3 min read
IBM WebSphere Hit by Three Critical Flaws—CVSS 9.1 Spoofing, Dual RCE
IBM discloses CVE-2026-8644, CVE-2026-9311, and CVE-2026-9319 affecting WebSphere 8.5 and 9.0. Attackers can chain identity spoofing with RCE for full server compromise.
Marcus ChenJun 7, 2026