This page lists publicly disclosed CVE vulnerabilities affecting f5 big-ip_advanced_web_application_firewall (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-22548 | When a BIG-IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests along with conditions beyond the attacker's control can cause the bd process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 8.2 | 0.18% | 2026-02-04 | 2026-02-13 |
| CVE-2026-20732 | A vulnerability exists in an undisclosed BIG-IP Configuration utility page that may allow an attacker to spoof error messages. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 2.3 | 0.15% | 2026-02-04 | 2026-02-13 |
| CVE-2025-61990 | When using a multi-bladed platform with more than one blade, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 8.7 | 0.32% | 2025-10-15 | 2025-10-21 |
| CVE-2025-61935 | When a BIG IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 8.7 | 0.32% | 2025-10-15 | 2025-10-21 |
| CVE-2025-58071 | When IPsec is configured on the BIG-IP system, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 8.7 | 0.34% | 2025-10-15 | 2025-10-21 |
| CVE-2025-61958 | A vulnerability exists in the iHealth command that may allow an authenticated attacker with at least a resource administrator role to bypass tmsh restrictions and gain access to a bash shell. For BIG-IP systems running in Appliance mode, a successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 8.5 | 0.36% | 2025-10-15 | 2026-02-04 |
| CVE-2025-61951 | Undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. This issue may occur when a Datagram Transport Layer Security (DTLS) 1.2 virtual server is enabled with a Server SSL profile that is configured with a certificate, key, and the SSL Sign Hash set to ANY, and the backend server is enabled with DTLS 1.2 and client authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 8.7 | 0.23% | 2025-10-15 | 2025-10-21 |
| CVE-2025-61938 | When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024 characters in length for the Data Guard Protection Enforcement setting, either manually or through the automatic Policy Builder, the bd process can terminate repeatedly. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 8.7 | 0.32% | 2025-10-15 | 2025-10-21 |
| CVE-2025-59781 | When DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, undisclosed DNS queries can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 8.7 | 0.32% | 2025-10-15 | 2025-10-22 |
| CVE-2025-59483 | A validation vulnerability exists in an undisclosed URL in the Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 8.5 | 0.34% | 2025-10-15 | 2025-10-21 |
| CVE-2025-59481 | A vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command that may allow an authenticated attacker with at least resource administrator role to execute arbitrary system commands with higher privileges. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 8.5 | 0.36% | 2025-10-15 | 2026-02-04 |
| CVE-2025-59269 | A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 8.4 | 0.26% | 2025-10-15 | 2025-10-21 |
| CVE-2025-59268 | On the BIG-IP system, undisclosed endpoints that contain static non-sensitive information are accessible to an unauthenticated remote attacker through the Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 6.9 | 0.37% | 2025-10-15 | 2025-10-21 |
| CVE-2025-58474 | When BIG-IP Advanced WAF is configured on a virtual server with Server-Side Request Forgery (SSRF) protection or when an NGINX server is configured with App Protect Bot Defense, undisclosed requests can disrupt new client requests. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 6.9 | 0.35% | 2025-10-15 | 2025-10-22 |
| CVE-2025-58424 | On BIG-IP systems, undisclosed traffic can cause data corruption and unauthorized data modification in protocols which do not have message integrity protection. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 6.3 | 0.23% | 2025-10-15 | 2026-02-04 |
| CVE-2025-58153 | Under undisclosed traffic conditions along with conditions beyond the attacker's control, hardware systems with a High-Speed Bridge (HSB) may experience a lockup of the HSB. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 8.2 | 0.21% | 2025-10-15 | 2026-02-04 |
| CVE-2025-58096 | When the database variable tm.tcpudptxchecksum is configured as non-default value Software-only on a BIG-IP system, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 8.2 | 0.32% | 2025-10-15 | 2025-10-21 |
| CVE-2025-54858 | When a BIG-IP Advanced WAF or BIG-IP ASM Security Policy is configured with a JSON content profile that has a malformed JSON schema, and the security policy is applied to a virtual server, undisclosed requests can cause the bd process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 8.7 | 0.32% | 2025-10-15 | 2025-10-21 |
| CVE-2025-54755 | A directory traversal vulnerability exists in TMUI that allows a highly privileged authenticated attacker to access files which are not limited to the intended files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 6.9 | 1.09% | 2025-10-15 | 2026-01-27 |
| CVE-2025-53868 | When running in Appliance mode, a highly privileged authenticated attacker with access to SCP and SFTP may be able to bypass Appliance mode restrictions using undisclosed commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | [email protected] | 8.5 | 0.41% | 2025-10-15 | 2026-02-04 |