Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-9171
PUBLISHED
More InfoOfficial Page
Assigner-ibm
Assigner Org ID-9a959283-ebb5-44b6-b705-dcc2bbced522
View Known Exploited Vulnerability (KEV) details
Published At-17 Jul, 2026 | 18:26
Updated At-17 Jul, 2026 | 18:26
Rejected At-
▼CVE Numbering Authority (CNA)
Vulnerabilities in IBM WebSphere Application affects IBM PowerVM Novalink.

IBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.

Affected Products
Vendor
IBM CorporationIBM
Product
PowerVM Novalink
CPEs
  • cpe:2.3:a:ibm:powervm_novalink:2.2.02.2.12.2.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:powervm_novalink:2.3.02.3.0.12.3.12.3.2:*:*:*:*:*:*:*
Versions
Affected
  • 2.2.02.2.12.2.1.1
  • 2.3.02.3.0.12.3.12.3.2
Problem Types
TypeCWE IDDescription
CWECWE-400CWE-400 Uncontrolled Resource Consumption
Type: CWE
CWE ID: CWE-400
Description: CWE-400 Uncontrolled Resource Consumption
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

IBM strongly recommends addressing the vulnerability now by upgrading based on the table below. ProductVersionRemediationPowerVM Novalink 2.2.1.1 Update to pvm-novalink-2.2.1.1-260708 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.2.1.1_readme.html or Update to pvm-novalink-2.3.3-260714 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html PowerVM Novalink 2.3.3 Update to pvm-novalink-2.3.3-260714 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.ibm.com/support/pages/node/7280226
vendor-advisory
patch
Hyperlink: https://www.ibm.com/support/pages/node/7280226
Resource:
vendor-advisory
patch
Details not found