A vulnerability was found in IBM WebSphere Application Server up to 1.1.9.12/8.5 . It has been declared as critical . This affects an unknown function. The manipulation results in code injection. This vulnerability is identified as CVE-2026-9311 . The attack can be executed remotely. There is not any exploit available. It is recommended to upgrade the affected component.