IBM Websphere Application Server Liberty
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in IBM Websphere Application Server Liberty.
By the Year
In 2026 there have been 3 vulnerabilities in IBM Websphere Application Server Liberty with an average score of 6.0 out of ten. Websphere Application Server Liberty did not have any published security vulnerabilities last year. That is, 3 more vulnerabilities have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 3 | 5.97 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 9.80 |
It may take a day or so for new Websphere Application Server Liberty vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Websphere Application Server Liberty Security Vulnerabilities
IBM WebSphere App Server Liberty 17.0.0.3-26.0.0.3 Admin Security Weakness
CVE-2025-14917
6.7 - Medium
- March 25, 2026
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings.
1393
Privilege Escalation in IBM WebSphere AppSrv Liberty 17.0.0.3-26.0.0.3
CVE-2025-14915
6.5 - Medium
- March 25, 2026
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is affected by privilege escalation. A privileged user could gain additional access to the application server.
Information Disclosure
IBM WebSphere Liberty 17.0-26.0 weaker security via Security Util
CVE-2025-14923
4.7 - Medium
- March 03, 2026
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could provide weaker than expected security when using the Security Utility when administering security settings.
Use of Hard-coded Cryptographic Key
IBM WebSphere AS Liberty Weak Expiration Handling 23.0.0.9-10
CVE-2023-46158
9.8 - Critical
- October 25, 2023
IBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0.10 could provide weaker than expected security due to improper resource expiration handling. IBM X-Force ID: 268775.
Insufficient Session Expiration
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM Websphere Application Server Liberty or by IBM? Click the Watch button to subscribe.
