Security Alert (A26-01-19): Multiple Vulnerabilities in F5 Products


 

Published on: 26 January 2026

Description:

F5 has published security advisories to address multiple vulnerabilities in F5 Products. The details about the vulnerabilities can be found at the following website:
https://my.f5.com/manage/s/article/K000149173
https://my.f5.com/manage/s/article/K000151658
https://my.f5.com/manage/s/article/K000156801
https://my.f5.com/manage/s/article/K000159681

 

Affected Systems:

  • BIG-IP (all modules) versions 15.1.0 - 15.1.10
  • BIG-IP (all modules) versions 16.1.0 - 16.1.6
  • BIG-IP (all modules) versions 17.1.0 - 17.1.2
  • BIG-IP (all modules) versions 17.5.0 - 17.5.1
  • BIG-IP VPN
  • NGINX Open Source versions 1.11.4 - 1.27.3
  • NGINX Plus versions R28 - R33

 

Impact:

Successful exploitation of the vulnerabilities could lead to denial of service, information disclosure, security restriction bypass or spoofing on an affected system.

 

Recommendation:

Software updates for affected systems are now available. System administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk. It is recommended to consult the product vendors for the fixes and assistance.

 

More Information:

  • https://my.f5.com/manage/s/article/K000149173
  • https://my.f5.com/manage/s/article/K000151658
  • https://my.f5.com/manage/s/article/K000156801
  • https://my.f5.com/manage/s/article/K000159681
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23419
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54755
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58153


Tag: F5 , BIG-IP , NGINX
Tags