CVE-2026-40618
- EPSS 0.32%
- Veröffentlicht 13.05.2026 14:12:33
- Zuletzt bearbeitet 29.06.2026 14:17:27
When an SSL profile is configured on a virtual server on BIG-IP Virtual Edition (VE) without Intel QuickAssist Technology (QAT) or on BIG-IP hardware platforms with the database variable crypto.hwacceleration set to disabled, undisclosed traffic can ...
CVE-2026-41956
- EPSS 0.26%
- Veröffentlicht 13.05.2026 14:12:33
- Zuletzt bearbeitet 24.06.2026 14:52:13
When a classification profile is configured on a UDP virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2026-40629
- EPSS 0.32%
- Veröffentlicht 13.05.2026 14:12:32
- Zuletzt bearbeitet 29.06.2026 14:17:37
When SSL profiles are configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing new client connections. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2026-41218
- EPSS 0.26%
- Veröffentlicht 13.05.2026 14:12:32
- Zuletzt bearbeitet 24.06.2026 14:51:32
When BIG-IP PEM iRules are configured on a virtual server (iRules using commands starting with CLASSIFICATION::, CLASSIFY::, PEM::, PSC::, and the urlcatquery command), undisclosed traffic can cause the Traffic Management Microkernel (TMM) to termina...
CVE-2026-42781
- EPSS 0.18%
- Veröffentlicht 13.05.2026 14:12:31
- Zuletzt bearbeitet 23.06.2026 13:58:36
When embedded Packet Velocity Acceleration (ePVA) acceleration is configured, undisclosed local ethernet traffic can cause an increase in ePVA and Traffic Management Microkernel (TMM) resource utilization. Note: Software versions which have reached ...
CVE-2026-41957
- EPSS 0.51%
- Veröffentlicht 13.05.2026 14:12:30
- Zuletzt bearbeitet 23.06.2026 13:55:22
An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2026-42408
- EPSS 0.08%
- Veröffentlicht 13.05.2026 14:12:30
- Zuletzt bearbeitet 23.06.2026 13:57:14
When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed TMOS Shell (tmsh) command that may allow a highly privileged authenticated attacker to view sensitive information. Note: Software versions which have reached End of Technical S...
CVE-2026-34019
- EPSS 0.29%
- Veröffentlicht 13.05.2026 14:12:29
- Zuletzt bearbeitet 29.06.2026 14:14:54
When Bidirectional Forwarding Detection (BFD) is configured in Static and Dynamic routing protocols, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to stop processing BFD packets and cause the configured routing protocol to fa...
CVE-2026-40699
- EPSS 0.28%
- Veröffentlicht 13.05.2026 14:12:29
- Zuletzt bearbeitet 24.06.2026 14:51:20
A vulnerability exists in the undisclosed pages in the Configuration utility that may allow a low-privileged authenticated attacker to access to undisclosed sensitive information. Note: Software versions which have reached End of Technical Support (...
CVE-2026-28758
- EPSS 0.08%
- Veröffentlicht 13.05.2026 14:12:28
- Zuletzt bearbeitet 29.06.2026 17:58:57
When BIG-IP DNS is provisioned, a vulnerability exists in the gtm_add and bigip_add iControl REST commands that return the ssh-password parameter in cleartext in the iControl REST response and is also logged in the audit log. This may allow a highly ...