High Threat Security Alert (A26-02-24): Multiple Vulnerabilities in F5 Products


 

Published on: 20 February 2026

Description:

F5 has published security advisories to address multiple vulnerabilities in F5 Products. The details about the vulnerabilities can be found at the following websites:
https://my.f5.com/manage/s/article/K000160003
https://my.f5.com/manage/s/article/K000160079
https://my.f5.com/manage/s/article/K000160084
https://my.f5.com/manage/s/article/K000160086
https://my.f5.com/manage/s/article/K11742742
https://my.f5.com/manage/s/article/K12201527

Reports indicated that proof-of-concept (PoC) exploit code is available for a buffer overflow vulnerability (CVE-2026-22184). System administrators are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

 

Affected Systems:

  • BIG-IP (all modules) versions 12.1.0 - 12.1.5, 13.1.0 - 13.1.4, 14.1.0 - 14.1.4, 15.1.0 - 15.1.4, 16.1.0 - 16.1.6, 17.1.0 - 17.1.3, 17.5.0 - 17.5.1, 21.0.0
  • BIG-IP AFM and DDoS Hybrid Defender versions 17.5.1.4
  • BIG-IQ Centralized Management versions 7.0.0 - 7.1.0, 8.0.0 - 8.4.1
  • Traffix SDC versions 5.2.0

 

Impact:

Successful exploitation of the vulnerabilities could lead to remote code execution, denial of service, elevation of privilege or tampering on an affected system.

 

Recommendation:

Software updates for affected systems are now available. System administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk. It is recommended to consult the product vendors for the fixes and assistance.

 

More Information:

  • https://my.f5.com/manage/s/article/K000160003
  • https://my.f5.com/manage/s/article/K000160079
  • https://my.f5.com/manage/s/article/K000160084
  • https://my.f5.com/manage/s/article/K000160086
  • https://my.f5.com/manage/s/article/K11742742
  • https://my.f5.com/manage/s/article/K12201527
  • https://www.hkcert.org/security-bulletin/f5-big-ip-denial-of-service-vulnerability_20260220
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23023
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7634
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10318
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-58240
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1695
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14727
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22026
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-37797
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39971
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40047
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68493
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2507
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22184


Tag: F5 , BIG-IP , BIG-IQ , Traffix SDC
Tags