CVE-2026-9170
Critical · CVSS 9.8IBM HTTP Server — Improper Input Validation leading to Denial of Service and Remote Code Execution
- CVSS
- 9.8
- nvd
- EPSS
- 0.07%
- 20th pct
- KEV
- No
- Class
- other
- CWE-94
Description
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service and a potential remote code execution due to improper input validation.
Search profile — drives PoC discovery
Symbols IBM HTTP ServerIHSimproper input validationdenial of serviceremote code executionCWE-94
Keywords CVE-2026-9170IBM HTTP ServerIHS 8.5IHS 9.0remote code executiondenial of serviceimproper input validationPoCexploit
Versions: 8.5, 9.0
References
Status: enriched · ingested 2026-06-11T18:20:51.547Z · profiled 2026-06-16T18:20:23.035Z