Known vulnerabilities in F5 Networks BIG-IP Next CNF 1.4.0
Security bulletins (10)
| Secuity bulletin | Severity | Status | Published |
|---|---|---|---|
| SB2026011981: Remote code execution in BIG-IP Next dSSM component | Medium | 19.01.2026 | |
| SB2025101759: Denial of service in BIG-IP or BIG-IP Next CNF DNS cache implementation | Medium | 17.10.2025 | |
| SB2025081451: HTTP/2 Made You Reset Attack in F5 BIG-IP Next SPK/CNF | Medium | 14.08.2025 | |
| SB2025071778: Privilege escalation in shadow-utils component used by BIG-IP Next SPK/CNF | Medium | 17.07.2025 | |
| SB2025071775: Improper input validation in Go used by fsm and cert-manager in BIG-IP Next SPK/CNF | Medium | 17.07.2025 | |
| SB2025062445: Race condition in BIG-IP Next OTEL collectors | Low | 24.06.2025 | |
| SB2025050784: Remote denial of service in BIG-IP Next SPK/CNF TMM module | Medium | 07.05.2025 | |
| SB2025050780: Remote denial of service in F5 BIG-IP HTTP/2 profile | Medium | 07.05.2025 | |
| SB20250227213: Remote denial of service in BIG-IP Next SPK/CNF OpenSSL component | Medium | 27.02.2025 | |
| SB20250227205: OS command injection in F5 BIG-IP Next CNF Python component | Low | 27.02.2025 |