CVE-2026-1561 — Vulnetix

Try Vulnetix Request Demo

CVE-2026-1561 PUBLISHED CVSS 5.400000095367432 MEDIUM

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery (SSRF). This may allow remote attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

Risk Scores

CVSS v3.1

5.400000095367432

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Affected Products

Vendor	Product	Versions
ibm	websphere_application_server	17.0.0.3
IBM	WebSphere Application Server Liberty	17.0.0.3, 17.0.0.3, 17.0.0.3

Timeline

Mar 24, 2026 PoC Published
Mar 25, 2026 Coalition ESS Score
Mar 25, 2026 CVE Published
Mar 26, 2026 PoC Published
Mar 26, 2026 CVE Updated
Mar 29, 2026 Security Advisory

References

https://www.ibm.com/support/pages/node/7267347 vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2026-1561 advisory

Open in Interactive Console →