37 matches found
CVE-2026-40004
Technical details about CVE-2026-40004 are not publicly provided in the supplied documents. No explicit affected products, versions, impact, or fixes are present here. Monitor for updates from vendors and security feeds for confirmation and remediation guidance.
Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.57 CNF IBU extras update
An update for ibu components is available for Red Hat OpenShift Container Platform 4.14. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the extra ibu container...
CVE-2025-59781
When DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, undisclosed DNS queries can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2025-55670 BIG-IP Next (CNF, SPK, and Kubernetes) vulnerability
On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2025-59781 BIG-IP DNS cache vulnerability
When DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, undisclosed DNS queries can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
F5 Networks BIG-IP : BIG-IP DNS cache vulnerability (K000150637)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.8 / 16.1.6 / 17.1.2.2. It is, therefore, affected by a vulnerability as referenced in the K000150637 advisory. When DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, undisclosed DNS queries can...
EUVD-2013-1403
Malware in sbrugna...
EUVD-2024-20825
Malicious code in bioql PyPI...
GHSA-V9XQ-2MVM-X8XC Duende IdentityServer has insufficient validation of DPoP cnf claim in Local APIs
Impact: IdentityServer's local API authentication handler performs insufficient validation of the cnf claim in DPoP access tokens. This allows an attacker to use leaked DPoP access tokens at local API endpoints even without possessing the private key for signing proof tokens. Note that this only...
Duende IdentityServer has insufficient validation of DPoP cnf claim in Local APIs
Impact: IdentityServer's local API authentication handler performs insufficient validation of the cnf claim in DPoP access tokens. This allows an attacker to use leaked DPoP access tokens at local API endpoints even without possessing the private key for signing proof tokens. Note that this only...
K000138913: BIG-IP Next CNF vulnerability CVE-2024-28132
Security Advisory Description: Exposure of a Sensitive Information vulnerability exists in the Global Server Load Balancing (GSLB) container, which may allow an authenticated attacker with administrator role privileges to view sensitive information. CVE-2024-28132. Impact: An authenticated attacker ma...
K000138682: libssh vulnerability CVE-2023-2283
Security Advisory Description: A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the pki_verify_data_signature function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The...
CVE-2024-23306
A vulnerability exists in BIG-IP Next CNF and SPK systems that may allow access to undisclosed sensitive files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
Design/Logic Flaw
A vulnerability exists in BIG-IP Next CNF and SPK systems that may allow access to undisclosed sensitive files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2024-23306
CVE-2024-23306 affects BIG-IP Next CNF. An authenticated attacker with enough privileges can access undisclosed sensitive files, impacting confidentiality and integrity (CVSSv3 7.1). Vulnerable: BIG-IP Next CNF 1.1.0–1.1.1. Fix available in 1.2.0 per F5 advisory K000137886. Recommend upgrading to...
CVE-2024-23306 BIG-IP Next CNF & SPK vulnerability
A vulnerability exists in BIG-IP Next CNF and SPK systems that may allow access to undisclosed sensitive files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
K000137886: BIG-IP Next CNF vulnerability CVE-2024-23306
Security Advisory Description: A vulnerability exists in BIG-IP Next CNF systems that may allow access to undisclosed sensitive files. CVE-2024-23306. Impact: An authenticated attacker may be able to modify or remove undisclosed configuration files causing a loss of confidentiality and integrity. Th...
F5 BIG-IP Security Vulnerabilities
F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, and other features from F5 USA. A security vulnerability exists in F5 BIG-IP that stems from a vulnerability in the Next CNF and SPK systems that allows acces...
CVE-2023-40354
An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password on a "maxctrl create service" command line, but this password is then stored in cleartext in the resulting .cnf file under /var/lib/maxscale/maxscale.cnf.d. The fixed versions are 2.5.28, 6.4.9, 22.08....