- Security updates have been released to address vulnerabilities in IBM products.
- the target product is IBM WebSphere Application Server.
- affected Versions are 8.5.0.0 and above but below 8.5.5.30 and 9.0.0.0 and above but below 9.0.5.29.
- the vulnerabilities addressed are an identity masquerade vulnerability (CVE-2026-8644) and remote code execution vulnerabilities (CVE-2026-9311, CVE-2026-9319, CVE-2026-9330).
- the vulnerability patches were made available through the latest update, and IBM advised customers to follow the instructions on the reference site to update to the latest version of the Vulnerability Patch.
- the post-update versions are IBM WebSphere Application Server 8.5.5.30 and later and 9.0.5.29 and later.
