CVE-2026-34019

MEDIUM

F5 BIG-IP BFD - Routing Protocol Denial of Service

Title source: manual

Description

When Bidirectional Forwarding Detection (BFD) is configured in Static and Dynamic routing protocols, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to stop processing BFD packets and cause the configured routing protocol to fail over. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory patch

https://my.f5.com/manage/s/article/K000150508

Scores

CVSS v3 5.3

EPSS 0.0010

EPSS Percentile 26.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-410

Status published

Products (4)

F5/BIG-IP 16.1.0

F5/BIG-IP 17.1.0 - 17.1.3

F5/BIG-IP 17.5.0 - 17.5.1

F5/BIG-IP 21.0.0

Published May 13, 2026

Tracked Since May 13, 2026