f5

1,031 tracked vulnerabilities.

CVE-2026-41959 MEDIUM
F5 BIG-IP and BIG-IQ - Authenticated Information Disclosure via TMOS Shell and iControl REST
May 13, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-41957 HIGH
F5 - BIG-IP and BIG-IQ Configuration Utility Vulnerability
May 13, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-41956 HIGH
F5 BIG-IP UDP Classification Profile - TMM Denial of Service
May 13, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-41954 MEDIUM
F5 - iControl REST and Tmsh Vulnerability
May 13, 2026
CVSS 4.9
EPSS 0.00
CVE-2026-41953 HIGH
F5 BIG-IP 16.1.0-17.1.3.1/17.5.0-17.5.1.5/21.0.0-21.0.0.1/>=21.1.0 Privilege Escalation via Config Modification
May 13, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-41227 HIGH
BIG-IP HTTP/2 Layer 7 Dos Protection vulnerability
May 13, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-41225 CRITICAL
F5 BIG-IP 16.1.0-17.1.3.1/17.5.0-17.5.1.5/21.0.0-21.0.0.1/>=21.1.0 - Authenticated RCE via iControl REST
May 13, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-41219 MEDIUM
F5 BIG-IP QKView - Sensitive Information Disclosure
May 13, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-41218 HIGH
F5 BIG-IP PEM iRules - TMM Denial of Service
May 13, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-41217 HIGH
F5 BIG-IP tmsh - Privileged Command Execution
May 13, 2026
CVSS 7.9
EPSS 0.00
CVE-2026-40703 MEDIUM
BIG-IP 16.1.0-17.1.3.1 17.5.0-17.5.1.4 >=21.0.0 - Cross-Site Request Forgery in Dashboard
May 13, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-40701 MEDIUM
NGINX Plus and NGINX Open Source - Use-After-Free in ngx_http_ssl_module
May 13, 2026
CVSS 4.8
EPSS 0.01
CVE-2026-40699 MEDIUM
F5 BIG-IP 21.1.0-21.0.0.1, 17.5.0-17.5.1.4, 17.1.0-17.1.3.1, 16.1.0 - Authenticated Information Disclosure
May 13, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-40698 HIGH
F5 BIG-IP and BIG-IQ - Authenticated Privilege Escalation via SNMP Configuration Object Creation
May 13, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-40631 HIGH
F5 BIG-IP 21.1.0-21.0.0.2 Authenticated Privilege Escalation via iControl SOAP
May 13, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-40629 HIGH
F5 BIG-IP SSL/TLS - Virtual Server Denial of Service
May 13, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-40618 HIGH
F5 BIG-IP SSL/TLS - TMM Denial of Service
May 13, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-40462 MEDIUM
F5 BIG-IP 16.1.0-17.1.3.0 17.5.0-17.5.1.3 21.0.0-21.0.0 21.1.0+ - Authenticated Information Disclosure
May 13, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-40460 MEDIUM
NGINX Plus and Open Source - Authentication Bypass via HTTP/3 QUIC Module
May 13, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-40435 MEDIUM
F5 BIG-IP httpd - Access Control Bypass
May 13, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-40423 HIGH
F5 BIG-IP SIP Profile - TMM Denial of Service
May 13, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-40067 HIGH
F5 BIG-IP APM - apmd Denial of Service
May 13, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-40061 HIGH
BIG-IP 21.1.0-21.0.0.1 Authenticated Command Injection via iControl REST
May 13, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-40060 HIGH
F5 BIG-IP Advanced WAF/ASM - bd Denial of Service
May 13, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-39459 HIGH
F5 - iControl REST and Tmsh Vulnerability
May 13, 2026
CVSS 7.2
EPSS 0.00