F5 Networks

CVE-2026-42409 describes a vulnerability in F5 BIG-IP where undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate when an HTTP/2 profile and an iRule containing the HTTP::redirect or HTTP::respond command are configured on a virtual server, potentially leading to denial of service.

CVE-2026-41956 describes a vulnerability in F5 Networks' Traffic Management Microkernel (TMM) where undisclosed requests can cause TMM termination when a classification profile is configured on a UDP virtual server, leading to a denial-of-service condition.

CVE-2026-42930 allows an authenticated attacker with 'Administrator' privileges to bypass Appliance mode restrictions on F5 BIG-IP systems.

CVE-2026-42924 allows an authenticated attacker with Resource Administrator or Administrator privileges to escalate privileges by creating malicious SNMP configuration objects through iControl SOAP.

CVE-2026-42920 describes a vulnerability where undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate when a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server.

CVE-2026-42406 allows a highly privileged, authenticated attacker with the Certificate Manager role to modify configuration objects in F5 BIG-IP and BIG-IQ systems, leading to arbitrary command execution.

An authenticated remote code execution vulnerability (CVE-2026-41957) exists in the F5 BIG-IP and BIG-IQ Configuration utility, potentially leading to arbitrary code execution on affected systems.

CVE-2026-41953 describes a privilege escalation vulnerability in F5 BIG-IP systems where a highly privileged, authenticated attacker with the Resource Administrator role can modify configuration objects, leading to elevated privileges within the system.

CVE-2026-41227 describes a vulnerability in an F5 Networks product where undisclosed traffic on an HTTP/2 virtual server with Layer 7 DoS Protection enabled can lead to increased memory consumption and termination of the Traffic Management Microkernel (TMM) process.

CVE-2026-41218 describes a vulnerability in F5 BIG-IP PEM iRules where undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate, leading to a denial-of-service condition.

CVE-2026-41217 is a vulnerability in an undisclosed F5 BIG-IP TMOS Shell (tmsh) command that allows an authenticated attacker with resource administrator or administrator role to execute arbitrary system commands with higher privileges, potentially crossing a security boundary in Appliance mode deployments.

CVE-2026-40698 allows a highly privileged, authenticated attacker with Resource Administrator privileges in F5 BIG-IP and BIG-IQ systems to create SNMP configuration objects via iControl REST or TMOS shell (tmsh), resulting in privilege escalation.

An authenticated attacker with Resource Administrator or Administrator roles can modify configuration objects through iControl SOAP in F5 products, leading to privilege escalation via CVE-2026-40631.

CVE-2026-40629 describes a vulnerability in F5 Networks products where, when SSL profiles are configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing new client connections, leading to a denial of service.

CVE-2026-40618 describes a vulnerability in F5 BIG-IP Virtual Edition (VE) where specific traffic can cause the Traffic Management Microkernel (TMM) to terminate when an SSL profile is configured without Intel QuickAssist Technology (QAT) or with crypto.hwacceleration disabled, potentially leading to a denial-of-service.

CVE-2026-40423 describes a vulnerability in F5 Networks products where undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate when a SIP profile is configured on a virtual server, leading to a denial-of-service condition.

A vulnerability exists in F5 BIG-IP APM where, when an APM access policy is configured on a virtual server, undisclosed network traffic can cause the apmd process to terminate, resulting in a denial of service (CVE-2026-40067).

CVE-2026-40060 describes a vulnerability in F5 BIG-IP Advanced WAF and ASM security policies where undisclosed requests can cause the `bd` process to terminate, leading to a denial-of-service condition.

CVE-2026-39459 describes a vulnerability in F5's iControl REST and TMOS Shell (tmsh) where a privileged, authenticated attacker with at least the Manager role can execute arbitrary commands by creating malicious configuration objects.

CVE-2026-39455 describes a denial-of-service vulnerability in the BIG-IP Configuration utility when configured with LDAP authentication, where undisclosed traffic can cause the httpd process to exhaust file descriptors.

CVE-2026-34176 is an authenticated remote command injection vulnerability in an undisclosed iControl REST endpoint when running in Appliance mode, allowing an attacker to cross a security boundary.

CVE-2026-32673 allows an authenticated attacker with Resource Administrator or Administrator roles to execute arbitrary system commands with higher privileges in F5 BIG-IP scripted monitors, potentially crossing a security boundary in appliance mode deployments.

CVE-2026-20916 describes a vulnerability in F5 BIG-IQ where an authenticated user with low privileges can create or modify arbitrary files via an undisclosed iControl REST endpoint, potentially leading to privilege escalation or system compromise.

CVE-2026-41225 allows a highly privileged, authenticated attacker with at least the Manager role to create configuration objects in F5 iControl REST, leading to arbitrary command execution.

Detection of LSASS loading an unsigned or untrusted DLL, which can indicate credential access attempts by malicious actors targeting sensitive information stored in the LSASS process.