CVE-2026-5516

Severity CVSS v4.0:
Pending analysis
Type:
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Publication date:
27/05/2026
Last modified:
02/06/2026

Description

IBM WebSphere Application Server - Liberty 22.0.0.11 through 26.0.0.5 IBM WebSphere Application Server Liberty could allow a remote attacker to bypass security under limited conditions by exploiting a specific timing window.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:liberty:*:*:* 22.0.0.11 (including) 26.0.0.5 (including)


References to Advisories, Solutions, and Tools