538 matches found

RedhatCVE
added 5 days ago, 5 views

CVE-2026-40703

A cross-site request forgery (CSRF) vulnerability exists in the dashboard of the BIG-IP Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

5.4 CVSS, 5.4 AI score, 0.0003 EPSS
Exploits: 0, References: 1

RedhatCVE
added 5 days ago, 7 views

CVE-2026-40699

A vulnerability exists in the undisclosed pages in the Configuration utility that may allow a low-privileged authenticated attacker to access undisclosed sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

7.1 CVSS, 5.5 AI score, 0.00072 EPSS
Exploits: 0, References: 1

RedhatCVE
added 5 days ago, 6 views

CVE-2026-39455

When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol (LDAP) authentication, undisclosed traffic can cause the httpd process to exhaust the available file descriptors. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluat...

8.7 CVSS, 5.5 AI score, 0.00111 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2026/05/21 12:00 a.m., 4 views

F5 Networks BIG-IP : BIG-IP Configuration utility vulnerability (K000156734)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1.3 / 21.0.0. It is, therefore, affected by a vulnerability as referenced in the K000156734 advisory. A vulnerability exists in the undisclosed pages in the Configuration utility that may allow a low-...

7.1 CVSS, 5.8 AI score, 0.00072 EPSS
Exploits: 0, References: 2

EUVD
added 2026/05/13 6:30 p.m., 3 views

EUVD-2026-29991

An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

8.8 CVSS, 6.5 AI score, 0.00681 EPSS
Exploits: 0, References: 2

NVD
added 2026/05/13 4:16 p.m., 5 views

CVE-2026-40703

A cross-site request forgery (CSRF) vulnerability exists in the dashboard of the BIG-IP Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

5.4 CVSS, 0.0003 EPSS
Exploits: 0, References: 1

ATTACKERKB
added 2026/05/13 2:12 p.m., 2 views

CVE-2026-39455

When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol (LDAP) authentication, undisclosed traffic can cause the httpd process to exhaust the available file descriptors. Note: Software versions which have reached End of Technical Support (EoTS) are not...

8.7 CVSS, 5.8 AI score, 0.00111 EPSS
Exploits: 0, References: 1, Affected Software: 1

Vulnrichment
added 2026/05/13 2:12 p.m., 4 views

CVE-2026-39455 BIG-IP Configuration utility vulnerability

When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol (LDAP) authentication, undisclosed traffic can cause the httpd process to exhaust the available file descriptors. Note: Software versions which have reached End of Technical Support (EoTS) are not...

8.7 CVSS, 5.8 AI score, 0.00111 EPSS
Exploits: 0, References: 1

CVE
added 2026/05/13 2:12 p.m., 17 views

CVE-2026-41957

CVE-2026-41957 affects the BIG-IP and BIG-IQ Configuration utility. The connected advisory confirms an authenticated remote code execution vulnerability via undisclosed vectors in the Configuration utility (control plane access), with CWE-502 deserialization noted in the security advisory details...

8.8 CVSS, 6.5 AI score, 0.00681 EPSS
Exploits: 0, References: 1

Cvelist
added 2026/05/13 2:12 p.m., 24 views

CVE-2026-41957 BIG-IP and BIG-IQ Configuration utility vulnerability

An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

8.8 CVSS, 0.00681 EPSS
Exploits: 0, References: 1

Vulnrichment
added 2026/05/13 2:12 p.m., 12 views

CVE-2026-40699 BIG-IP Configuration utility vulnerability

A vulnerability exists in the undisclosed pages in the Configuration utility that may allow a low-privileged authenticated attacker to access undisclosed sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

7.1 CVSS, 5.8 AI score, 0.00072 EPSS
Exploits: 0, References: 1

Cvelist
added 2026/05/13 2:12 p.m., 25 views

CVE-2026-40699 BIG-IP Configuration utility vulnerability

A vulnerability exists in the undisclosed pages in the Configuration utility that may allow a low-privileged authenticated attacker to access undisclosed sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

7.1 CVSS, 0.00072 EPSS
Exploits: 0, References: 1

Vulnrichment
added 2026/05/13 2:12 p.m., 3 views

CVE-2026-40703 BIG-IP Configuration utility CSRF vulnerability

A cross-site request forgery (CSRF) vulnerability exists in the dashboard of the BIG-IP Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

5.4 CVSS, 5.7 AI score, 0.0003 EPSS
Exploits: 0, References: 1

Cvelist
added 2026/05/13 2:12 p.m., 23 views

CVE-2026-40703 BIG-IP Configuration utility CSRF vulnerability

A cross-site request forgery (CSRF) vulnerability exists in the dashboard of the BIG-IP Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

5.4 CVSS, 0.0003 EPSS
Exploits: 0, References: 1

CVE
added 2026/05/13 2:12 p.m., 13 views

CVE-2026-40703

The CVE-2026-40703 entry describes a CSRF vulnerability in the BIG-IP Configuration utility dashboard. A remote, unauthenticated attacker can entice an authenticated user to issue crafted requests, allowing the attacker to create, modify, and delete dashboard items as that user. This is a control...

5.4 CVSS, 5.7 AI score, 0.0003 EPSS
Exploits: 0, References: 1

F5 Networks
added 2026/05/13 1:30 p.m., 11 views

K000156734: BIG-IP Configuration utility vulnerability CVE-2026-40699

Security Advisory Description: A vulnerability exists in the undisclosed pages in the Configuration utility that may allow a low-privileged authenticated attacker to access undisclosed sensitive information. CVE-2026-40699. Impact: This vulnerability may allow a low-privileged authenticated...

7.1 CVSS, 5.7 AI score, 0.00072 EPSS
Exploits: 0, Affected Software: 11

F5 Networks
added 2026/05/13 12:27 p.m., 7 views

K35544022: BIG-IP Configuration utility CSRF vulnerability CVE-2026-40703

Security Advisory Description: A cross-site request forgery (CSRF) vulnerability exists in the dashboard of the BIG-IP Configuration utility. CVE-2026-40703. Impact: A remote, unauthenticated attacker may exploit this vulnerability by causing an authenticated user to send a crafted request to the BIG-...

5.4 CVSS, 5.6 AI score, 0.0003 EPSS
Exploits: 0, Affected Software: 11

F5 Networks
added 2026/05/13 12:25 p.m., 7 views

K000160874: BIG-IP Configuration utility vulnerability CVE-2026-39455

Security Advisory Description: When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol (LDAP) authentication, undisclosed traffic can cause the httpd process to exhaust the available file descriptors. CVE-2026-39455. Impact: The Configuration utility stops...

8.7 CVSS, 5.7 AI score, 0.00111 EPSS
Exploits: 0, Affected Software: 11

F5 Networks
added 2026/05/13 11:59 a.m., 7 views

K000156761: BIG-IP and BIG-IQ Configuration utility vulnerability CVE-2026-41957

Security Advisory Description: An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility. CVE-2026-41957. Impact: This vulnerability may allow an authenticated attacker with network access to the Configuration utility throu...

8.8 CVSS, 6.6 AI score, 0.00681 EPSS
Exploits: 0, Affected Software: 12

Positive Technologies
added 2026/05/13 12:00 a.m., 8 views

PT-2026-40665

Name of the Vulnerable Software and Affected Versions: BIG-IP versions prior to 17.1.3.1; BIG-IQ versions prior to 17.5.1.4. Description: An authenticated remote code execution issue exists in the BIG-IP and BIG-IQ Configuration utility. This flaw is caused by deserialization, a process where data is...

8.8 CVSS, 6.6 AI score, 0.00681 EPSS
Exploits: 0, References: 5