Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-54858

Summary
Assigner-f5
Assigner Org ID-9dacffd4-cb11-413f-8451-fbbfd4ddc0ab
Published At-15 Oct, 2025 | 13:55
Updated At-26 Feb, 2026 | 16:57
Rejected At-
Credits

BIG-IP Advanced WAF and ASM vulnerability

When a BIG-IP Advanced WAF or BIG-IP ASM Security Policy is configured with a JSON content profile that has a malformed JSON schema, and the security policy is applied to a virtual server, undisclosed requests can cause the bd process to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:f5
Assigner Org ID:9dacffd4-cb11-413f-8451-fbbfd4ddc0ab
Published At:15 Oct, 2025 | 13:55
Updated At:26 Feb, 2026 | 16:57
Rejected At:
▼CVE Numbering Authority (CNA)
BIG-IP Advanced WAF and ASM vulnerability

When a BIG-IP Advanced WAF or BIG-IP ASM Security Policy is configured with a JSON content profile that has a malformed JSON schema, and the security policy is applied to a virtual server, undisclosed requests can cause the bd process to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected Products
Vendor
F5, Inc.F5
Product
BIG-IP
Modules
  • ASM
  • Advanced WAF
Default Status
unknown
Versions
Affected
  • From 17.5.0 before 17.5.1.3 (custom)
  • From 17.1.0 before 17.1.3 (custom)
  • From 16.1.0 before 16.1.6.1 (custom)
  • From 15.1.0 before 15.1.10.8 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-674CWE-674 Uncontrolled Recursion
Type: CWE
CWE ID: CWE-674
Description: CWE-674 Uncontrolled Recursion
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
F5
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://my.f5.com/manage/s/article/K000156621
vendor-advisory
Hyperlink: https://my.f5.com/manage/s/article/K000156621
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:f5sirt@f5.com
Published At:15 Oct, 2025 | 14:15
Updated At:21 Oct, 2025 | 20:13

When a BIG-IP Advanced WAF or BIG-IP ASM Security Policy is configured with a JSON content profile that has a malformed JSON schema, and the security policy is applied to a virtual server, undisclosed requests can cause the bd process to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
F5, Inc.
f5
>>big-ip_advanced_web_application_firewall>>Versions from 15.1.0(inclusive) to 15.1.10.8(exclusive)
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_advanced_web_application_firewall>>Versions from 16.1.0(inclusive) to 16.1.6.1(exclusive)
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_advanced_web_application_firewall>>Versions from 17.1.0(inclusive) to 17.1.3(exclusive)
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_advanced_web_application_firewall>>Versions from 17.5.0(inclusive) to 17.5.1.3(exclusive)
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_application_security_manager>>Versions from 15.1.0(inclusive) to 15.1.10.8(exclusive)
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_application_security_manager>>Versions from 16.1.0(inclusive) to 16.1.6.1(exclusive)
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_application_security_manager>>Versions from 17.1.0(inclusive) to 17.1.3(exclusive)
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_application_security_manager>>Versions from 17.5.0(inclusive) to 17.5.1.3(exclusive)
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-674Primaryf5sirt@f5.com
CWE ID: CWE-674
Type: Primary
Source: f5sirt@f5.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://my.f5.com/manage/s/article/K000156621f5sirt@f5.com
Vendor Advisory
Hyperlink: https://my.f5.com/manage/s/article/K000156621
Source: f5sirt@f5.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

410Records found
CVE-2021-42717
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.04% / 84.15%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 21:08
Updated-03 Jul, 2025 | 20:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could result in the web server being unable to service legitimate requests. Even a moderately large (e.g., 300KB) HTTP request can occupy one of the limited NGINX worker processes for minutes and consume almost all of the available CPU on the machine. Modsecurity 2 is similarly vulnerable: the affected versions include 2.8.0 through 2.9.4.

Action-Not Available
Vendor-owasptrustwaven/aF5, Inc.Debian GNU/LinuxOracle Corporation
Product-debian_linuxhttp_serverzfs_storage_appliance_kitnginx_modsecurity_wafmodsecurityn/a
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2019-12295
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.40% / 80.76%
||
7 Day CHG~0.00%
Published-23 May, 2019 | 11:56
Updated-04 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion.

Action-Not Available
Vendor-n/aCanonical Ltd.Wireshark FoundationF5, Inc.Debian GNU/Linux
Product-ubuntu_linuxbig-ip_webacceleratorbig-ip_application_acceleration_managerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_local_traffic_managerbig-ip_domain_name_systemwiresharkbig-ip_application_security_managerbig-ip_edge_gatewaydebian_linuxbig-ip_link_controllerbig-ip_access_policy_managerbig-ip_advanced_firewall_managern/a
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2025-60016
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.09% / 25.05%
||
7 Day CHG~0.00%
Published-15 Oct, 2025 | 13:55
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP SSL/TLS vulnerability

When Diffie-Hellman (DH) group Elliptic Curve Cryptography (ECC) Brainpool curves are configured in an SSL profile's Cipher Rule or Cipher Group, and that profile is applied to a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_next_service_proxy_for_kubernetesbig-ip_next_cloud-native_network_functionsBIG-IP Next CNFBIG-IPBIG-IP Next SPK
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-59778
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.7||HIGH
EPSS-0.09% / 25.05%
||
7 Day CHG~0.00%
Published-15 Oct, 2025 | 13:55
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
VELOS partition container network vulnerability

When the Allowed IP Addresses feature is configured on the F5OS-C partition control plane, undisclosed traffic can cause multiple containers to terminate.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-f5os-cF5OS - Chassis
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2025-59478
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.09% / 25.05%
||
7 Day CHG~0.00%
Published-15 Oct, 2025 | 13:55
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP AFM DoS protection profile vulnerability

When a BIG-IP AFM denial-of-service (DoS) protection profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_advanced_firewall_managerBIG-IP
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2025-58071
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.09% / 25.05%
||
7 Day CHG~0.00%
Published-15 Oct, 2025 | 15:19
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP IPSec vulnerability

When IPsec is configured on the BIG-IP system, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_next_for_kubernetesbig-ip_global_traffic_managerbig-ip_application_acceleration_managerbig-ip_carrier-grade_natbig-ip_ddos_hybrid_defenderbig-ip_advanced_firewall_managerbig-ip_policy_enforcement_managerbig-ip_local_traffic_managerbig-ip_webacceleratorbig-ip_access_policy_managerbig-ip_advanced_web_application_firewallbig-ip_fraud_protection_servicebig-ip_analyticsbig-ip_ssl_orchestratorbig-ip_edge_gatewaybig-ip_link_controllerbig-ip_next_cloud-native_network_functionsbig-ip_container_ingress_servicesbig-ip_application_security_managerbig-ip_automation_toolchainbig-ip_domain_name_systembig-ip_application_visibility_and_reportingbig-ip_websafeBIG-IP Next CNFBIG-IPBIG-IP Next for Kubernetes
CWE ID-CWE-457
Use of Uninitialized Variable
CVE-2022-29369
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.41% / 61.66%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 18:48
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nginx NJS v0.7.2 was discovered to contain a segmentation violation via njs_lvlhsh_bucket_find at njs_lvlhsh.c.

Action-Not Available
Vendor-n/aF5, Inc.
Product-njsn/a
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2025-58120
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.10% / 27.57%
||
7 Day CHG~0.00%
Published-15 Oct, 2025 | 13:55
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP Next (CNF, SPK, and Kubernetes) vulnerability

When HTTP/2 Ingress is configured, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_next_for_kubernetesbig-ip_next_service_proxy_for_kubernetesbig-ip_next_cloud-native_network_functionsBIG-IP Next CNFBIG-IP Next SPKBIG-IP Next for Kubernetes
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-28706
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.67% / 71.83%
||
7 Day CHG~0.00%
Published-05 May, 2022 | 16:37
Updated-17 Sep, 2024 | 01:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On F5 BIG-IP 16.1.x versions prior to 16.1.2 and 15.1.x versions prior to 15.1.5.1, when the DNS resolver configuration is used, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IP
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2022-28705
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.65% / 71.13%
||
7 Day CHG~0.00%
Published-05 May, 2022 | 16:35
Updated-16 Sep, 2024 | 19:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, on platforms with an ePVA and the pva.fwdaccel BigDB variable enabled, undisclosed requests to a virtual server with a FastL4 profile that has ePVA acceleration enabled can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IP
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-55669
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.33% / 55.81%
||
7 Day CHG~0.00%
Published-15 Oct, 2025 | 13:55
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP HTTP/2 vulnerability

When the BIG-IP Advanced WAF and ASM security policy and a server-side HTTP/2 profile are configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_application_security_managerBIG-IP
CWE ID-CWE-672
Operation on a Resource after Expiration or Release
CVE-2025-55036
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.09% / 25.05%
||
7 Day CHG~0.00%
Published-15 Oct, 2025 | 13:55
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP SSL Orchestrator vulnerability

When BIG-IP SSL Orchestrator explicit forward proxy is configured on a virtual server and the proxy connect feature is enabled, undisclosed traffic may cause memory corruption.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_ssl_orchestratorBIG-IP
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-5936
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.50% / 66.10%
||
7 Day CHG~0.00%
Published-29 Oct, 2020 | 15:21
Updated-04 Aug, 2024 | 08:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BIG-IP LTM 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.1, the Traffic Management Microkernel (TMM) process may consume excessive resources when processing SSL traffic and client authentication are enabled on the client SSL profile.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-ip_local_traffic_managerBIG-IP LTM
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-54479
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.09% / 25.05%
||
7 Day CHG~0.00%
Published-15 Oct, 2025 | 13:55
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP PEM vulnerability

When a classification profile is configured on a virtual server without an HTTP or HTTP/2 profile, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_next_for_kubernetesbig-ip_policy_enforcement_managerbig-ip_next_cloud-native_network_functionsBIG-IP Next CNFBIG-IPBIG-IP Next for Kubernetes
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-5878
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.65% / 71.13%
||
7 Day CHG~0.00%
Published-30 Apr, 2020 | 20:24
Updated-04 Aug, 2024 | 08:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.3, Traffic Management Microkernel (TMM) may restart on BIG-IP Virtual Edition (VE) while processing unusual IP traffic.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IP VE
CVE-2025-54854
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.09% / 25.05%
||
7 Day CHG~0.00%
Published-15 Oct, 2025 | 13:55
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BigIP APM Vulnerability

When a BIG-IP APM OAuth access profile (Resource Server or Resource Client) is configured on a virtual server, undisclosed traffic can cause the apmd process to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_access_policy_managerBIG-IP
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-26890
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.89% / 75.92%
||
7 Day CHG~0.00%
Published-05 May, 2022 | 16:06
Updated-16 Sep, 2024 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On F5 BIG-IP Advanced WAF, ASM, and APM 16.1.x versions prior to 16.1.2.1, 15.1.x versions prior to 15.1.5, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, when ASM or Advanced WAF, as well as APM, are configured on a virtual server, the ASM policy is configured with Session Awareness, and the "Use APM Username and Session ID" option is enabled, undisclosed requests can cause the bd process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_access_policy_managerbig-ip_advanced_web_application_firewallbig-ip_application_security_managerBIG-IP Advanced WAF, ASM, and APM
CWE ID-CWE-670
Always-Incorrect Control Flow Implementation
CVE-2025-53474
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.09% / 25.05%
||
7 Day CHG~0.00%
Published-15 Oct, 2025 | 13:55
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP iRules vulnerability

When an iRule using an ILX::call command is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_global_traffic_managerbig-ip_application_acceleration_managerbig-ip_carrier-grade_natbig-ip_ddos_hybrid_defenderbig-ip_advanced_firewall_managerbig-ip_policy_enforcement_managerbig-ip_local_traffic_managerbig-ip_webacceleratorbig-ip_access_policy_managerbig-ip_advanced_web_application_firewallbig-ip_fraud_protection_servicebig-ip_analyticsbig-ip_ssl_orchestratorbig-ip_edge_gatewaybig-ip_link_controllerbig-ip_container_ingress_servicesbig-ip_application_security_managerbig-ip_automation_toolchainbig-ip_domain_name_systembig-ip_application_visibility_and_reportingbig-ip_websafeBIG-IP
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-26372
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.89% / 75.92%
||
7 Day CHG~0.00%
Published-05 May, 2022 | 16:26
Updated-16 Sep, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On F5 BIG-IP 15.1.x versions prior to 15.1.0.2, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, when a DNS listener is configured on a virtual server with DNS queueing (default), undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IP
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-26370
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.67% / 71.83%
||
7 Day CHG~0.00%
Published-05 May, 2022 | 16:25
Updated-16 Sep, 2024 | 23:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, and 14.1.x versions prior to 14.1.4.6, when a Session Initiation Protocol (SIP) message routing framework (MRF) application layer gateway (ALG) profile is configured on a Message Routing virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IP
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2018-14880
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.44% / 85.46%
||
7 Day CHG~0.00%
Published-03 Oct, 2019 | 15:35
Updated-05 Aug, 2024 | 09:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().

Action-Not Available
Vendor-n/aDebian GNU/LinuxApple Inc.tcpdump & libpcapFedora ProjectRed Hat, Inc.openSUSEF5, Inc.
Product-big-ip_webacceleratorbig-ip_application_acceleration_managerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_serviceenterprise_linuxbig-ip_global_traffic_managerbig-ip_local_traffic_managerbig-ip_analyticsbig-ip_domain_name_systemiworkflowbig-ip_application_security_managertcpdumpbig-ip_edge_gatewaydebian_linuxbig-iq_centralized_managementbig-ip_link_controllerfedoramac_os_xenterprise_managerbig-ip_access_policy_managertraffix_signaling_delivery_controllerbig-ip_advanced_firewall_managerleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-14469
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.99% / 77.18%
||
7 Day CHG~0.00%
Published-03 Oct, 2019 | 15:29
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().

Action-Not Available
Vendor-n/aDebian GNU/LinuxApple Inc.tcpdump & libpcapFedora ProjectRed Hat, Inc.openSUSEF5, Inc.
Product-debian_linuxfedoraenterprise_linuxmac_os_xtraffix_signaling_delivery_controllertcpdumpleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-42920
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.10% / 26.98%
||
7 Day CHG~0.00%
Published-13 May, 2026 | 14:12
Updated-13 May, 2026 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP DTLS Vulnerability

When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-BIG-IP
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2018-14465
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.54% / 85.73%
||
7 Day CHG~0.00%
Published-03 Oct, 2019 | 15:15
Updated-17 Dec, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectF5, Inc.openSUSERed Hat, Inc.Apple Inc.tcpdump & libpcap
Product-debian_linuxenterprise_linuxtraffix_signaling_delivery_controllerfedoraleapmac_os_xtcpdumpn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-41956
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.10% / 26.98%
||
7 Day CHG~0.00%
Published-13 May, 2026 | 14:12
Updated-13 May, 2026 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP TMM Vulnerability

When a classification profile is configured on a UDP virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-BIG-IPBIG-IP Next CNFBIG-IP Next for Kubernetes
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-42409
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.11% / 29.73%
||
7 Day CHG~0.00%
Published-13 May, 2026 | 14:12
Updated-13 May, 2026 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP HTTP/2 vulnerability

When an HTTP/2 profile and an iRule containing the HTTP::redirect or HTTP::respond command are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-BIG-IP Next SPKBIG-IPBIG-IP Next CNFBIG-IP Next for Kubernetes
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-23016
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.71% / 72.64%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 19:11
Updated-03 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On versions 16.1.x before 16.1.2 and 15.1.x before 15.1.4.1, when BIG-IP SSL Forward Proxy with TLS 1.3 is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IP
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-23017
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.71% / 72.64%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 19:11
Updated-03 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and all versions of 13.1.x, when a virtual server is configured with a DNS profile with the Rapid Response Mode setting enabled and is configured on a BIG-IP system, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IP
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-41218
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.10% / 26.98%
||
7 Day CHG~0.00%
Published-13 May, 2026 | 14:12
Updated-13 May, 2026 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP PEM iRules vulnerability

When BIG-IP PEM iRules are configured on a virtual server (iRules using commands starting with CLASSIFICATION::, CLASSIFY::, PEM::, PSC::, and the urlcatquery command), undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-BIG-IP
CWE ID-CWE-416
Use After Free
CVE-2022-34030
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.25% / 48.80%
||
7 Day CHG~0.00%
Published-18 Jul, 2022 | 20:14
Updated-03 Aug, 2024 | 08:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_djb_hash at src/njs_djb_hash.c.

Action-Not Available
Vendor-n/aF5, Inc.
Product-njsn/a
CVE-2026-40629
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.10% / 26.98%
||
7 Day CHG~0.00%
Published-13 May, 2026 | 14:12
Updated-13 May, 2026 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP SSL/TLS vulnerability

When SSL profiles are configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing new client connections.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-BIG-IP Next SPKBIG-IPBIG-IP Next CNFBIG-IP Next for Kubernetes
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-23022
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.71% / 72.64%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 19:11
Updated-03 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BIG-IP version 16.1.x before 16.1.2, when an HTTP profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IP
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-23021
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.71% / 72.64%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 19:11
Updated-03 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BIG-IP version 16.1.x before 16.1.2, when any of the following configurations are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate: HTTP redirect rule in an LTM policy, BIG-IP APM Access Profile, and Explicit HTTP Proxy in HTTP Profile. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IP
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-40618
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.10% / 26.98%
||
7 Day CHG~0.00%
Published-13 May, 2026 | 14:12
Updated-13 May, 2026 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP SSL/TLS vulnerability

When an SSL profile is configured on a virtual server on BIG-IP Virtual Edition (VE) without Intel QuickAssist Technology (QAT) or on BIG-IP hardware platforms with the database variable crypto.hwacceleration set to disabled, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-BIG-IP Next SPKBIG-IPBIG-IP Next CNFBIG-IP Next for Kubernetes
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CVE-2022-23025
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.75% / 73.56%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 19:11
Updated-03 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BIG-IP version 16.1.x before 16.1.1, 15.1.x before 15.1.4, 14.1.x before 14.1.4.4, and all versions of 13.1.x, when a SIP ALG profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-ip_ssl_orchestratorbig-ip_application_acceleration_managerbig-ip_advanced_web_application_firewallbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerbig-ip_ddos_hybrid_defenderBIG-IP
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-41227
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.10% / 26.98%
||
7 Day CHG~0.00%
Published-13 May, 2026 | 14:12
Updated-13 May, 2026 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP HTTP/2 Layer 7 Dos Protection vulnerability

On an HTTP/2 virtual server with Layer 7 DoS Protection configured, undisclosed traffic can result in an increase in memory consumption causing the Traffic Management Microkernel (TMM) process to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-BIG-IP
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-23018
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.61% / 70.17%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 19:11
Updated-03 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BIG-IP AFM version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and 13.1.x beginning in 13.1.3.4, when a virtual server is configured with both HTTP protocol security and HTTP Proxy Connect profiles, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-ip_advanced_firewall_managerBIG-IP AFM
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2022-23011
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.68% / 72.02%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 19:11
Updated-03 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On certain hardware BIG-IP platforms, in version 15.1.x before 15.1.4 and 14.1.x before 14.1.3, virtual servers may stop responding while processing TCP traffic due to an issue in the SYN Cookie Protection feature. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_i2800big-ip_i2600big-ip_i850big-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IP
CWE ID-CWE-682
Incorrect Calculation
CVE-2026-39455
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.10% / 28.14%
||
7 Day CHG~0.00%
Published-13 May, 2026 | 14:12
Updated-13 May, 2026 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP Configuration utility vulnerability

When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol (LDAP) authentication, undisclosed traffic can cause the httpd process to exhaust the available file descriptors.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-BIG-IP
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2026-40423
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.10% / 26.98%
||
7 Day CHG~0.00%
Published-13 May, 2026 | 14:12
Updated-13 May, 2026 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP SIP profile vulnerability

When a SIP profile is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-BIG-IP
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-23020
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.71% / 72.64%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 19:11
Updated-03 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BIG-IP version 16.1.x before 16.1.2, when the 'Respond on Error' setting is enabled on the Request Logging profile and configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IP
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-23010
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.61% / 70.17%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 19:11
Updated-03 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BIG-IP versions 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a FastL4 profile and an HTTP profile are configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IP
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2022-23024
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.65% / 71.13%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 19:11
Updated-03 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BIG-IP AFM version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.2, and all versions of 13.1.x, when the IPsec application layer gateway (ALG) logging profile is configured on an IPsec ALG virtual server, undisclosed IPsec traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-ip_advanced_firewall_managerBIG-IP AFM
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-39458
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.10% / 26.98%
||
7 Day CHG~0.00%
Published-13 May, 2026 | 14:12
Updated-13 May, 2026 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP DNS Cache vulnerability

When a BIG-IP DNS profile enabled with DNS cache is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-BIG-IP
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2026-40060
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.10% / 26.98%
||
7 Day CHG~0.00%
Published-13 May, 2026 | 14:12
Updated-13 May, 2026 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP Advanced WAF and ASM vulnerability

When a BIG-IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-BIG-IP
CWE ID-CWE-252
Unchecked Return Value
CVE-2026-40067
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.10% / 26.98%
||
7 Day CHG~0.00%
Published-13 May, 2026 | 14:12
Updated-13 May, 2026 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP APM Vulnerability

When a BIG-IP APM access policy is configured on a virtual server, undisclosed traffic can cause the apmd process to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-BIG-IP
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-27008
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.42% / 62.19%
||
7 Day CHG~0.00%
Published-14 Apr, 2022 | 14:04
Updated-03 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

nginx njs 0.7.2 is vulnerable to Buffer Overflow. Type confused in Array.prototype.concat() when a slow array appended element is fast array.

Action-Not Available
Vendor-n/aF5, Inc.
Product-njsn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-44487
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-94.40% / 99.98%
||
7 Day CHG-0.05%
Published-10 Oct, 2023 | 00:00
Updated-12 May, 2026 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-10-31||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

Action-Not Available
Vendor-linecorpcaddyserverkonghqakkakazu-yamamotovarnish_cache_projectprojectcontourgrpclinkerdopenrestyamazonenvoyproxyistiodenatraefiknghttp2n/aMicrosoft CorporationSiemens AGCisco Systems, Inc.Red Hat, Inc.JenkinsThe Apache Software FoundationFacebookApple Inc.Fedora ProjectNetApp, Inc.GoThe Netty ProjectEclipse Foundation AISBLNode.js (OpenJS Foundation)F5, Inc.The IETF Administration LLC (IETF LLC)Debian GNU/Linux
Product-nexus_9804nexus_9332d-h2rnexus_9372txnexus_9200istionexus_92160yc_switchfedoranexus_92160yc-xsiplus_s7-1500_cpu_1518-4_pn\/dp_mfp_firmwareenterprise_chat_and_email.netvisual_studio_2022windows_10_22h2node_healthcheck_operatornexus_36180yc-ropenshift_sandboxed_containersnexus_9500_4-slotnexus_93128tx_switchnexus_92300ycbig-ip_nextcost_managementjboss_enterprise_application_platformnexus_9200ycnexus_9332pqnexus_9396txproxygenultra_cloud_core_-_session_management_functionintegration_camel_kintegration_camel_for_spring_bootnexus_3064tazure_kubernetes_servicenexus_93180yc-fxcrosswork_zero_touch_provisioningbig-ip_analyticsnexus_3432d-snexus_93180yc-fx3secure_malware_analyticsopensearch_data_preppersecure_web_appliance_firmwareweb_terminalprime_infrastructurenexus_93180lc-ex_switchopenshift_container_platform_assisted_installercertification_for_red_hat_enterprise_linuxprime_cable_provisioningnexus_93108tc-fx-24connected_mobile_experiencesnexus_92300yc_switchprocess_automationexpresswayhttp_serverunified_attendant_console_advancedopenstack_platformnginx_plusnexus_93240yc-fx2nexus_3636c-rcryostatnexus_3100-zsingle_sign-onopenshift_distributed_tracingnexus_9736pqnexus_9272qnexus_3016qnexus_93108tc-ex-24unified_contact_center_domain_managernexus_9396tx_switchopenshift_developer_tools_and_servicesnexus_93128crosswork_situation_managernexus_93180yc-ex-24nexus_9332pq_switchwindows_server_2022nexus_31108pc-vopenshift_api_for_data_protectionopenshift_gitopsnexus_3132c-zsupport_for_spring_bootwindows_server_2016nexus_3016nexus_3132q-vopenshift_service_mesh3scale_api_management_platformnexus_3464cnexus_9500ropenshiftcaddynexus_3100-vnexus_3132qopenshift_secondary_scheduler_operatornexus_3064-32tnexus_31108tc-varmeriagomigration_toolkit_for_containersbuild_of_optaplannernexus_3232nexus_9372pxbig-ip_websafenexus_9500_supervisor_anexus_9348gc-fxpultra_cloud_core_-_serving_gateway_functionnexus_3172tqnexus_9504windows_10_21h2nexus_3064xnexus_3232cnexus_9636pqnexus_3400jettyansible_automation_platformnexus_9500_supervisor_bnexus_9372tx-ewindows_10_1809nexus_3524-xlnexus_3408-snexus_3172tq-32tnexus_93180tc-exnexus_9516nexus_3524-xnexus_3264c-enexus_3172pqnexus_3172pq\/pq-xlnexus_9336pqastra_control_centernexus_9364c-gxnexus_9336c-fx2simatic_s7-1500_cpu_1518-4_pn\/dpnexus_9236cnexus_9536pqnexus_9236c_switchnexus_93180yc-fx-24nexus_31128pqnetwork_observability_operatorbig-ip_application_security_managerprime_access_registrarswiftnio_http\/2linkerdios_xewindows_11_22h2nexus_9500_supervisor_b\+nexus_9364d-gx2adecision_managerbig-ip_policy_enforcement_managerquaynexus_3264qbusiness_process_automationnexus_3100vsecure_dynamic_attributes_connectornexus_9372tx_switchnexus_9500_supervisor_a\+machine_deletion_remediation_operatornode.jssatellitenexus_9348d-gx2abig-ip_domain_name_systemnexus_3064nexus_9372px-e_switchbig-ip_link_controllernexus_93108tc-ex_switchhttpbig-ip_advanced_firewall_managerprime_network_registrarcert-manager_operator_for_red_hat_openshiftnexus_9432pqtraefikbuild_of_quarkusnexus_3524self_node_remediation_operatorcrosswork_data_gatewaycontournode_maintenance_operatorcbl-marinernexus_9716d-gxsinec_insh2onexus_9332d-gx2bnexus_9372px_switchapisixjboss_core_servicesnexus_9500_16-slotsimatic_s7-1500_cpu_1518-4_pn\/dp_mfp_firmwareoncommand_insightnexus_9372px-enexus_9336pq_aci_spinenexus_3548-xnexus_9221cnexus_9272q_switchnexus_93108tc-fxfirepower_threat_defensebig-ip_fraud_protection_servicewindows_server_2019migration_toolkit_for_virtualizationvarnish_cacheunified_contact_center_enterprisenexus_93108tc-fx3hnexus_93240tc-fx2asp.net_coretelepresence_video_communication_servernexus_93216tc-fx2nexus_3100traffic_servernexus_3064-xnexus_9348gc-fx3nexus_9332cbig-ip_application_visibility_and_reportingnexus_3132q-x\/3132q-xltomcatwindows_10_1607simatic_s7-1500_cpu_1518f-4_pn\/dp_mfp_firmwarenexus_3172tq-xlnexus_3548-xlnexus_9336pq_aci_spine_switchsiplus_s7-1500_cpu_1518-4_pn\/dp_mfpnexus_3164qdebian_linuxnexus_9396px_switchnexus_9396pxlogging_subsystem_for_red_hat_openshiftnexus_9364cbig-ip_webacceleratoropenshift_serverlessnetworkingnexus_9500big-ip_ssl_orchestratornexus_93180yc-ex_switchnexus_9508nexus_3132q-xnexus_93120txnexus_3132q-xlnexus_9408ruggedcom_ape1808_firmwarenexus_34180ycnexus_93180yc-fx3snx-osnexus_93180lc-exunified_contact_center_management_portalnexus_92304qc_switchdata_center_network_manageropenrestynexus_92348gc-xbig-ip_application_acceleration_manageropenshift_virtualizationnexus_93108tc-fx3pnexus_93360yc-fx2nexus_3172pq-xlnexus_31108pv-vgrpcnexus_93128txnexus_3064-tadvanced_cluster_management_for_kubernetesbig-ip_advanced_web_application_firewallenvoynexus_3232c_big-ip_global_traffic_managernginxfence_agents_remediation_operatorjboss_data_gridios_xrfog_directorsimatic_s7-1500_cpu_1518f-4_pn\/dp_mfpbig-ip_carrier-grade_natnexus_9300windows_11_21h2secure_web_applianceintegration_service_registryhttp2openshift_dev_spacesbig-ip_ddos_hybrid_defendernexus_93180yc-fx3hservice_interconnectnghttp2openshift_data_sciencest7_scadaconnectnexus_93120tx_switchbig-ip_local_traffic_managerbig-ip_access_policy_managerjboss_fuseopenshift_container_platformopenshift_pipelinesnexus_3048nexus_9508_switchnettynexus_9336c-fx2-enexus_93600cd-gxnexus_34200yc-smnexus_9516_switchceph_storagenexus_3600jboss_a-mqrun_once_duration_override_operatornexus_9000vnexus_3172nexus_3500sinec_nmsruggedcom_ape1808nexus_9336pq_acinexus_9316d-gxnexus_9800kong_gatewayadvanced_cluster_securitynexus_3548-x\/xlunified_contact_center_enterprise_-_live_data_serverultra_cloud_core_-_policy_control_functionbig-ip_next_service_proxy_for_kubernetesnexus_9232enexus_9808jboss_a-mq_streamsnexus_92304qciot_field_network_directornexus_9500_8-slotmigration_toolkit_for_applicationsnexus_3200solrjenkinsnginx_ingress_controllernexus_93180yc-exnexus_9372tx-e_switchnexus_93108tc-exnexus_9504_switchnexus_3524-x\/xlnexus_3548service_telemetry_frameworkenterprise_linuxn/aRUGGEDCOM APE1808SINEC NMSSIPLUS S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-1500 CPU 1518F-4 PN/DP MFPSIMATIC S7-1500 CPU 1518-4 PN/DP MFPhttpHTTP/2
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-27651
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.06% / 20.09%
||
7 Day CHG+0.02%
Published-24 Mar, 2026 | 14:13
Updated-30 Mar, 2026 | 14:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NGINX ngx_mail_auth_http_module vulnerability

When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when (1) CRAM-MD5 or APOP authentication is enabled, and (2) the authentication server permits retry by returning the Auth-Wait response header. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-nginx_plusnginx_open_sourceNGINX PlusNGINX Open Source
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-23019
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.61% / 70.17%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 19:11
Updated-03 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BIG-IP version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x and 12.1.x, when a message routing type virtual server is configured with both Diameter Session and Router Profiles, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IP
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 8
  • 9
  • Next
Details not found