K000161018: iControl REST and tmsh vulnerability CVE-2026-42937
Security Advisory Description Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell tmsh arp and ndp commands, and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view adjacent network information. CVE-2026-42937 Impact An...
K000161022: iControl REST and tmsh vulnerability CVE-2026-41959
Security Advisory Description Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell tmsh network diagnostics commands and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view the network status of destination systems...
K000161131: NGINX ngx_http_proxy_v2_module vulnerability CVE-2026-42926
Security Advisory Description When NGINX Open Source is configured to proxy HTTP/2 traffic by setting proxy_http_version to 2, and also uses proxy_set_body, an attacker may be able to inject frame headers and payload bytes to the upstream peer. CVE-2026-42926 Impact This vulnerability allows a remot...
K000158082: BIG-IP SSL vulnerability CVE-2026-40618
Security Advisory Description When an SSL profile is configured on a virtual server on BIG-IP Virtual Edition VE without Intel QuickAssist Technology QAT or on BIG-IP hardware platforms with the database variable crypto.hwacceleration set to disabled, undisclosed traffic can cause the Traffic...
K32950402: iControl REST and tmsh vulnerability CVE-2026-41954
Security Advisory Description Sensitive information disclosure vulnerability exists in the undisclosed iControl REST endpoint and TMOS Shell tmsh command which may allow an authenticated attacker with resource administrator role privileges to view sensitive information. CVE-2026-41954 Impact An...
K000159034: BIG-IP HTTP/2 vulnerability CVE-2026-42409
Security Advisory Description When an HTTP/2 profile and an iRule containing the HTTP::redirect or HTTP::respond command are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM process to terminate. CVE-2026-42409 Impact Traffic is disrupted while...
K000161028: NGINX ngx_http_charset_module vulnerability CVE-2026-42934
Security Advisory Description NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_charset_module module. When charset, source_charset, and charset_map and proxy_pass with disabled buffering ("off") directives are configured, unauthenticated attackers can send requests that with...
K000161068: NGINX ngx_quic_module vulnerability CVE-2026-40460
Security Advisory Description When NGINX Plus or NGINX Open Source is configured to use the HTTP/3 QUIC module, an attacker may be able to spoof their source IP address allowing for bypass of authorization or bypass of rate limiting. CVE-2026-40460 Impact This vulnerability allows a remote,...
K000158038: BIG-IP TMM vulnerability CVE-2026-41956
Security Advisory Description When a classification profile is configured on a UDP virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2026-41956 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote,...
K000160972: BIG-IP and BIG-IQ privilege escalation vulnerability CVE-2026-32643
Security Advisory Description A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can modify configuration objects that allow running arbitrary commands. CVE-2026-32643 Impact This vulnerability may allow...
K000160971: BIG-IP and BIG-IQ privilege escalation vulnerability CVE-2026-42406
Security Advisory Description A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can modify configuration objects that allow running arbitrary commands. CVE-2026-42406 Impact This vulnerability may allow...
K000160973: iControl SOAP vulnerability CVE-2026-42063
Security Advisory Description A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrator or Administrator role can download sensitive files. CVE-2026-42063 Impact This vulnerability may allow a remote, authenticated attacker with Resource Administrator...
K000158029: iControl REST vulnerability CVE-2026-20916
Security Advisory Description An authenticated iControl REST user with low privileges can create or modify arbitrary files through an undisclosed iControl REST endpoint on the BIG-IQ system. CVE-2026-20916 Impact An authenticated attacker with low privileges can exploit this vulnerability remotel...
K000158070: iControl REST vulnerability CVE-2026-28758
Security Advisory Description When BIG-IP DNS is provisioned, a vulnerability exists in the gtm_add and bigip_add iControl REST commands that return the ssh-password parameter in cleartext in the iControl REST response and is also logged in the audit log. This may allow a highly privileged,...
K000160788: iControl REST and tmsh vulnerability CVE-2026-40061
Security Advisory Description When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell tmsh command that may allow an authenticated attacker with the Resource Administrator or Administrator role to execute arbitrary system commands with higher...
K000150508: BIG-IP BFD vulnerability CVE-2026-34019
Security Advisory Description When Bidirectional Forwarding Detection BFD is configured in Static and Dynamic routing protocols, undisclosed traffic can cause the Traffic Management Microkernel TMM to stop processing BFD packets and cause the configured routing protocol to fail over. CVE-2026-340...
K000156604: BIG-IP httpd access control vulnerability CVE-2026-40435
Security Advisory Description When configured, IP-based access restrictions for httpd do not cover all endpoints, which may allow connections from blocked addresses. CVE-2026-40435 Impact This vulnerability allows an attacker to connect to the BIG-IP control plane HTTP services; however, the...
K000160727: BIG-IP Advanced WAF and ASM vulnerability CVE-2026-40060
Security Advisory Description When a BIG-IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. CVE-2026-40060 Impact Traffic is disrupted while the bd process restarts. This vulnerability allows a remote,...
K35544022: BIG-IP Configuration utility CSRF vulnerability CVE-2026-40703
Security Advisory Description A cross-site request forgery CSRF vulnerability exists in the dashboard of the BIG-IP Configuration utility. CVE-2026-40703 Impact A remote, unauthenticated attacker may exploit this vulnerability by causing an authenticated user to send a crafted request to the BIG-...
K000161021: NGINX ngx_http_ssl_module vulnerability CVE-2026-40701
Security Advisory Description NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_ssl_module module when the ssl_verify_client directive is set to "on" or "optional," and the ssl_ocsp directive is set to "on" or the leaf parameters are configured with a resolver. With this...
K000158971: BIG-IP Appliance mode vulnerability CVE-2026-42919
Security Advisory Description A vulnerability exists in BIG-IP systems that may allow an authenticated attacker with administrative access to escalate their privileges. A successful exploit may allow the attacker to cross a security boundary. CVE-2026-42919 Impact The vulnerability allows the...
K000161019: NGINX ngx_http_rewrite_module vulnerability CVE-2026-42945
Security Advisory Description NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the "rewrite" directive with a query string is followed in the same location by the "if" or "set" directive with an unnamed Perl-Compatible Regula...
K000160874: BIG-IP Configuration utility vulnerability CVE-2026-39455
Security Advisory Description When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol LDAP authentication, undisclosed traffic can cause the httpd process to exhaust the available file descriptors. CVE-2026-39455 Impact The Configuration utility stops...
K000157981: BIG-IP DNS tmsh vulnerability CVE-2026-42408
Security Advisory Description When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed TMOS Shell tmsh command that may allow a highly privileged authenticated attacker to view sensitive information. CVE-2026-42408 Impact An authenticated attacker with Resource Administrator role...
K000160875: BIG-IP PEM iRules vulnerability CVE-2026-41218
Security Advisory Description When BIG-IP PEM iRules are configured on a virtual server iRules using commands starting with CLASSIFICATION:: , CLASSIFY::, PEM:: , PSC:: , and the urlcatquery command, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2026-41218...
K000158979: BIG-IP HTTP/2 Layer 7 DoS Protection vulnerability CVE-2026-41227
Security Advisory Description On an HTTP/2 virtual server with Layer 7 DoS Protection configured, undisclosed traffic can result in an increase in memory consumption causing the Traffic Management Microkernel TMM process to terminate. CVE-2026-41227 Impact Traffic is disrupted while the TMM proce...
K000161056: BIG-IP APM vulnerability CVE-2026-40067
Security Advisory Description When a BIG-IP APM access policy is configured on a virtual server, undisclosed traffic can cause the apmd process to terminate. CVE-2026-40067 Impact Traffic is disrupted while the apmd process restarts. This vulnerability allows an unauthenticated attacker to cause ...
K000160981: iControl REST and tmsh vulnerability CVE-2026-40698
Security Advisory Description A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can create SNMP configuration objects through iControl REST or the TMOS shell tmsh resulting in privilege escalation...
K000160901: BIG-IP DTLS vulnerability CVE-2026-42920
Security Advisory Description When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2026-42920 Impact Traffic is disrupted while the TMM process restarts. This...
K000160975: BIG-IP privilege escalation vulnerability CVE-2026-41953
Security Advisory Description A vulnerability exists in BIG-IP systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can modify configuration objects resulting in privilege escalation. CVE-2026-41953 Impact This vulnerability may allow a highly...
K000161023: BIG-IP SIP profile vulnerability CVE-2026-40423
Security Advisory Description When a SIP profile is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2026-40423 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote, unauthenticated...
K000160903: iControl REST vulnerability CVE-2026-42058
Security Advisory Description An authenticated attacker's undisclosed requests to BIG-IP iControl REST can lead to an information leak of BIG-IP local user account names. CVE-2026-42058 Impact This vulnerability allows for a remote authenticated attacker with network access to the iControl REST...
K000161040: BIG-IP scripted monitor vulnerability CVE-2026-32673
Security Advisory Description A vulnerability exists in BIG-IP scripted monitors that may allow an authenticated attacker with the Resource Administrator or Administrator role to execute arbitrary system commands with higher privileges. In appliance mode deployments, a successful exploit can allo...
K000160916: iControl REST vulnerability CVE-2026-41225
Security Advisory Description A vulnerability exists in iControl REST where a highly privileged, authenticated attacker with at least the Manager role can create configuration objects that allow running arbitrary commands. CVE-2026-41225 Impact This vulnerability may allow a highly privileged...
K000160979: BIG-IP iControl SOAP vulnerability CVE-2026-40631
Security Advisory Description An authenticated attacker with the Resource Administrator or Administrator role can modify configuration objects through iControl SOAP resulting in privilege escalation. CVE-2026-40631 Impact This vulnerability may allow a remote, authenticated attacker with Resource...
K000160926: BIG-IP iControl SOAP vulnerability CVE-2026-42924
Security Advisory Description An authenticated attacker with the Resource Administrator or Administrator role can create SNMP configuration objects through iControl SOAP resulting in privilege escalation. CVE-2026-42924 Impact This vulnerability may allow a remote, authenticated attacker with...
K000160945: BIG-IP DNS Cache vulnerability CVE-2026-39458
Security Advisory Description When a BIG-IP DNS profile enabled with DNS cache is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2026-39458 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows...
K000160911: Appliance mode iControl REST vulnerability CVE-2026-24464
Security Advisory Description When running in Appliance mode, a directory traversal vulnerability exists in an undisclosed iControl REST endpoint that may allow an authenticated attacker with administrator role privileges to cross a security boundary and delete files. CVE-2026-24464 Impact In...
K000160876: Appliance mode iControl REST vulnerability CVE-2026-42930
Security Advisory Description When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions on a BIG-IP system. CVE-2026-42930 Impact An authenticated attacker with local system access and the Administrator role may be...
K000156761: BIG-IP and BIG-IQ Configuration utility vulnerability CVE-2026-41957
Security Advisory Description An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility. CVE-2026-41957 Impact This vulnerability may allow an authenticated attacker with network access to the Configuration utility throu...
K000161244: Apache MINA vulnerabilities CVE-2026-42778 and CVE-2026-42779
Security Advisory Description CVE-2026-42778 The fix for CVE-2026-41409 was not applied to the 2.1.X and 2.2.X branches. Here was the original issue description: The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject was incomplete. The classname allowlist of classes allowed to be...
K000161227: PHP vulnerability CVE-2016-4473
Security Advisory Description /ext/phar/phar_object.c in PHP 7.0.7 and 5.6.x allows remote attackers to execute arbitrary code. NOTE: Introduced as part of an incomplete fix to CVE-2015-6833. CVE-2016-4473 Impact There is no impact; F5 products are not affected by this vulnerability. Security...
K000161181: Linux kernel vulnerabilities CVE-2026-43284 and CVE-2026-43500
Security Advisory Description CVE-2026-43284 Dirty Frag In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after...
K000161154: Sequelize vulnerability CVE-2026-30951
Security Advisory Description Sequelize is a Node.js ORM tool. Prior to 6.37.8, there is SQL injection via unescaped cast type in JSON/JSONB where clause processing. The traverseJSON function splits JSON path keys on :: to extract a cast type, which is interpolated raw into CAST... AS SQL. An...
K000161138: Linux kernel vulnerability CVE-2026-23307, CVE-2026-23319
Security Advisory Description CVE-2026-23307 In the Linux kernel, the following vulnerability has been resolved: can: ems_usb: ems_usb_read_bulk_callback: check the proper length of a message When looking at the data in a USB urb, the actual_length is the size of the buffer passed to the driver, not th...
K000161125: Erlang vulnerability CVE-2025-4748
Security Advisory Description Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines...
K000161120: HTTP/2 vulnerability CVE-2025-8671
Security Advisory Description A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service DoS. By opening streams and th...
K000161061: crypto: algif_aead - Revert to operating out-of-place (Copy Fail) CVE-2026-31431
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead sinc...
K000161051: WebKitGTK vulnerability CVE-2026-20652
Security Advisory Description The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A remote attacker may be able to cause a denial-of-service. CVE-2026-20652 Impact There...
K000161050: Multiple Oracle Java vulnerabilities
Security Advisory Description CVE-2026-22003 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to...