CWE-825
Expired Pointer Dereference
The product dereferences a pointer that contains a location for memory that was previously valid, but is no longer valid.
CVE-2026-35094 (GCVE-0-2026-35094)
Vulnerability from cvelistv5 – Published: 2026-04-01 13:54 – Updated: 2026-04-01 15:50
VLAI
Title
Libinput: libinput: information disclosure via dangling pointer in lua plugin handling
Summary
A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could potentially expose sensitive data if the memory location is re-used, leading to information disclosure. For this exploit to work, Lua plugins must be enabled in libinput and loaded by the compositor.
Severity
CWE
- CWE-825 - Expired Pointer Dereference
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://access.redhat.com/security/cve/CVE-2026-35094 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2453840 | issue-trackingx_refsource_REDHAT |
| https://gitlab.freedesktop.org/libinput/libinput/… |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
Date Public
2026-04-01 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35094",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T15:39:17.037193Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T15:50:07.802Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "libinput",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "affected",
"packageName": "libinput",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "libinput",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "libinput",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Koen Tange (monokles.eu) for reporting this issue."
}
],
"datePublic": "2026-04-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could potentially expose sensitive data if the memory location is re-used, leading to information disclosure. For this exploit to work, Lua plugins must be enabled in libinput and loaded by the compositor."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-825",
"description": "Expired Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T14:02:55.147Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-35094"
},
{
"name": "RHBZ#2453840",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453840"
},
{
"url": "https://gitlab.freedesktop.org/libinput/libinput/-/work_items/1272"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-01T13:36:01.001Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-04-01T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Libinput: libinput: information disclosure via dangling pointer in lua plugin handling",
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-825: Expired Pointer Dereference"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2026-35094",
"datePublished": "2026-04-01T13:54:00.679Z",
"dateReserved": "2026-04-01T12:56:18.939Z",
"dateUpdated": "2026-04-01T15:50:07.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-5165 (GCVE-0-2026-5165)
Vulnerability from cvelistv5 – Published: 2026-03-30 15:02 – Updated: 2026-04-28 14:35
VLAI
Title
Virtio-win: virtio-win: memory corruption via use-after-free in virtio blk device reset
Summary
A flaw was found in virtio-win, specifically within the VirtIO Block (BLK) device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system instability or unexpected behavior.
Severity
6.7 (Medium)
CWE
- CWE-825 - Expired Pointer Dereference
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://access.redhat.com/security/cve/CVE-2026-5165 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2453015 | issue-trackingx_refsource_REDHAT |
| https://github.com/virtio-win/kvm-guest-drivers-w… |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
Date Public
2026-03-30 12:34
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5165",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-30T18:05:27.370746Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-30T18:05:38.378Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "virtio-win",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "virtio-win",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "virtio-win",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
}
],
"datePublic": "2026-03-30T12:34:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in virtio-win, specifically within the VirtIO Block (BLK) device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system instability or unexpected behavior."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-825",
"description": "Expired Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T14:35:37.734Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-5165"
},
{
"name": "RHBZ#2453015",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453015"
},
{
"url": "https://github.com/virtio-win/kvm-guest-drivers-windows/pull/1493"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-30T14:44:19.968Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-03-30T12:34:00.000Z",
"value": "Made public."
}
],
"title": "Virtio-win: virtio-win: memory corruption via use-after-free in virtio blk device reset",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-825: Expired Pointer Dereference"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2026-5165",
"datePublished": "2026-03-30T15:02:26.375Z",
"dateReserved": "2026-03-30T14:51:14.677Z",
"dateUpdated": "2026-04-28T14:35:37.734Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-7111 (GCVE-0-2026-7111)
Vulnerability from cvelistv5 – Published: 2026-04-29 14:22 – Updated: 2026-04-29 17:49
VLAI
Title
Text::CSV_XS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or memory corruption
Summary
Text::CSV_XS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or memory corruption.
The Parse, print, getline, and getline_all methods invoke registered callbacks (for example after_parse, before_print, or on_error) and cache the Perl argument stack pointer across the call. If a callback extends the argument stack enough to trigger a reallocation, the return value is written through the stale pointer into the freed buffer, and the caller reads the original $self argument as the return value instead.
Calling code that expects parsed data from getline_all receives the Text::CSV_XS object in its place, leading to logic errors or crashes. Text::CSV_XS objects used without any registered callbacks are not affected.
Severity
8.4 (High)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/cpan-authors/Text-CSV_XS/commi… | patch |
| https://metacpan.org/release/HMBRAND/Text-CSV_XS-… | release-notes |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HMBRAND | Text::CSV_XS |
Affected:
0 , < 1.62
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-04-29T16:33:25.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/04/29/17"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-7111",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-29T17:49:05.158465Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-29T17:49:17.981Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "Text-CSV_XS",
"product": "Text::CSV_XS",
"programFiles": [
"CSV_XS.xs"
],
"programRoutines": [
{
"name": "Text::CSV_XS::Parse"
},
{
"name": "Text::CSV_XS::print"
},
{
"name": "Text::CSV_XS::getline"
},
{
"name": "Text::CSV_XS::getline_all"
}
],
"repo": "https://github.com/cpan-authors/Text-CSV_XS",
"vendor": "HMBRAND",
"versions": [
{
"lessThan": "1.62",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "Leon Timmermans"
}
],
"descriptions": [
{
"lang": "en",
"value": "Text::CSV_XS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or memory corruption.\n\nThe Parse, print, getline, and getline_all methods invoke registered callbacks (for example after_parse, before_print, or on_error) and cache the Perl argument stack pointer across the call. If a callback extends the argument stack enough to trigger a reallocation, the return value is written through the stale pointer into the freed buffer, and the caller reads the original $self argument as the return value instead.\n\nCalling code that expects parsed data from getline_all receives the Text::CSV_XS object in its place, leading to logic errors or crashes. Text::CSV_XS objects used without any registered callbacks are not affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-825",
"description": "CWE-825 Expired Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-29T14:22:29.358Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/cpan-authors/Text-CSV_XS/commit/c17f31a5f2bf36674748eb4b6e25672f0571a224.patch"
},
{
"tags": [
"release-notes"
],
"url": "https://metacpan.org/release/HMBRAND/Text-CSV_XS-1.62/changes"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to 1.62 or later."
}
],
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2026-04-25T00:00:00.000Z",
"value": "Fix committed to public Github repository"
},
{
"lang": "en",
"time": "2026-04-26T00:00:00.000Z",
"value": "CVE number reserved"
},
{
"lang": "en",
"time": "2026-04-29T00:00:00.000Z",
"value": "Version 1.62 with the fix released to CPAN"
}
],
"title": "Text::CSV_XS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or memory corruption",
"x_generator": {
"engine": "cpansec-cna-tool 0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2026-7111",
"datePublished": "2026-04-29T14:22:29.358Z",
"dateReserved": "2026-04-26T15:31:25.111Z",
"dateUpdated": "2026-04-29T17:49:17.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8854 (GCVE-0-2026-8854)
Vulnerability from cvelistv5 – Published: 2026-05-26 16:58 – Updated: 2026-05-26 18:34
VLAI
Title
IBM HTTP Server is affected by multiple vulnerabilities
Summary
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_mem_cache.
Severity
7.5 (High)
CWE
- CWE-825 - Expired Pointer Dereference
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7274065 | vendor-advisorypatch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | HTTP Server |
Affected:
8.5.0 , ≤ Interim Fix 002
(semver)
Affected: 9.0 (semver) cpe:2.3:a:ibm:http_server:8.5:*:*:*:*:*:*:* cpe:2.3:a:ibm:http_server:8.5.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:http_server:9.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:http_server:9.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8854",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:32:36.805578Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:34:16.176Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:http_server:8.5:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:http_server:8.5.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:http_server:9.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:http_server:9.0.0:*:*:*:*:*:*:*"
],
"product": "HTTP Server",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "Interim Fix 002",
"status": "affected",
"version": "8.5.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "9.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_mem_cache.\u003c/p\u003e"
}
],
"value": "IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_mem_cache."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-825",
"description": "CWE-825 Expired Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T16:58:11.497Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7274065"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by applying a currently available interim fix or fix pack that contains the fix for APAR PH71265.\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eFor IBM HTTP Server used by IBM WebSphere Application Server:\u003c/strong\u003e\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eFor V9.0.0.0 through 9.0.5.28:\u003c/strong\u003e\u003cbr\u003e\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves \u003ca href=\"https://www.ibm.com/support/pages/node/7239806\" rel=\"nofollow\"\u003ePH71265\u003c/a\u003e\u003cbr\u003e--OR--\u003cbr\u003e\u00b7 Apply Fix Pack 9.0.5.29 or later (targeted availability 3Q2026).\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eFor V8.5.0.0 through 8.5.5.29:\u003c/strong\u003e\u003cbr\u003e\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves \u003ca href=\"https://www.ibm.com/support/pages/node/7239806\" rel=\"nofollow\"\u003ePH71265\u003c/a\u003e\u003cbr\u003e--OR--\u003cbr\u003e\u00b7 Apply Fix Pack 8.5.5.30 or later (targeted availability 3Q2026).\u003c/p\u003e\u003cp\u003e\u0026nbsp;Additional interim fixes may be available and linked off the interim fix download page.\u003c/p\u003e\u003cp\u003eImportant Note\u003c/p\u003e\u003cp\u003eIBM strongly suggests that all System z customers be subscribed to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed, see the instructions on the System z Security web site. Security and integrity APARs and associated fixes will be posted to this portal. IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential risk.\u003c/p\u003e"
}
],
"value": "IBM strongly recommends addressing the vulnerability now by applying a currently available interim fix or fix pack that contains the fix for APAR PH71265.For IBM HTTP Server used by IBM WebSphere Application Server:For V9.0.0.0 through 9.0.5.28:\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves PH71265--OR--\u00b7 Apply Fix Pack 9.0.5.29 or later (targeted availability 3Q2026).\u00a0For V8.5.0.0 through 8.5.5.29:\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves PH71265--OR--\u00b7 Apply Fix Pack 8.5.5.30 or later (targeted availability 3Q2026).\u00a0Additional interim fixes may be available and linked off the interim fix download page.Important NoteIBM strongly suggests that all System z customers be subscribed to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed, see the instructions on the System z Security web site. Security and integrity APARs and associated fixes will be posted to this portal. IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential risk."
}
],
"title": "IBM HTTP Server is affected by multiple vulnerabilities",
"x_generator": {
"engine": "ibm-cvegen"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2026-8854",
"datePublished": "2026-05-26T16:58:11.497Z",
"dateReserved": "2026-05-18T16:15:08.013Z",
"dateUpdated": "2026-05-26T18:34:16.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phase: Architecture and Design
Description:
- Choose a language that provides automatic memory management.
Mitigation
Phase: Implementation
Description:
- When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.
No CAPEC attack patterns related to this CWE.