CVE-2026-41957

HIGH WAF: Medium

CVSS 8.8 Published: 2026-05-13

CWE-502

An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

WAF Coverage Analysis

Insecure Deserialization Medium WAF Coverage

OWASP: A08:2021 Software and Data Integrity Failures

944xxx - Java Attack

References

my.f5.com

Back to CVE Database