CVE-2026-8854
7.5 HIGHIBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_mem_cache
Published: 2026-05-26 · Last updated: 2026-05-26
Severity and scoring
- CVSS
- 7.5 HIGH
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CWE
- CWE-825
Affected products
| Vendor | Product |
|---|---|
| ibm | http_server |
Description
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_mem_cache.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2026-9330 — IBM WebSphere Application Server 9.0, and 8.5 is affected by an improper validation of user-supplied data during deserialization using th... (8.5 HIGH)
- CVE-2026-9319 — IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrusted data v... (9.0 CRITICAL)
- CVE-2026-9311 — IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls (9.0 CRITICAL)
- CVE-2026-8644 — IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing (9.1 CRITICAL)
- CVE-2026-1248 — IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages (4.3 MEDIUM)
Same CWE
- CVE-2026-34001 — A flaw was found in the X.Org X server (7.8 HIGH)
- CVE-2025-61664 — A vulnerability in the GRUB2 bootloader has been identified in the normal module (4.9 MEDIUM)
- CVE-2025-54771 — A use-after-free vulnerability has been identified in the GNU GRUB (Grand Unified Bootloader) (4.9 MEDIUM)
- CVE-2025-54770 — A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service (DoS) risk (4.9 MEDIUM)
- CVE-2025-49795 — A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions (7.5 HIGH)