High severity7.7NVD Advisory· Published May 26, 2026· Updated May 26, 2026
CVE-2026-8856
CVE-2026-8856
Description
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:ibm:http_server:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ibm:http_server:*:*:*:*:*:*:*:*range: >=8.5.0.0,<8.5.5.30
- (no CPE)range: 8.5, 9.0
Patches
Vulnerability mechanics
References
1- www.ibm.com/support/pages/node/7274065nvdVendor Advisory
News mentions
2- NIST Enrichment Reductions Impact CVE Coverage, AccuracyDark Reading · Jun 29, 2026
- IBM HTTP Server: Eight CVEs Disclosed, Including Critical Unauthenticated RCEVypr Intelligence · May 26, 2026