Path traversal in IBM WebSphere Application Server - CVE-2026-11595
Published: July 2, 2026 / Updated: July 2, 2026
IBM WebSphere Application Server
Detailed vulnerability description
The vulnerability allows an adjacent attacker to obtain sensitive information.
The vulnerability exists due to input validation error when processing directory traversal sequences. An adjacent attacker can send a specially crafted HTTP request and obtain sensitive information from the administrative console's integrated help system.