Vulnerabilities in F5
404 resultsCVE-2026-11311HIGHNGINX Gateway Fabric vulnerabilityEPSS 0.6%CVE-2022-30535MEDIUMNGINX Ingress Controller vulnerability CVE-2022-30535EPSS 0.6%CVE-2024-31156HIGHBIG-IP Configuration utility XSS vulnerabilityEPSS 0.6%CVE-2022-28707HIGHOn F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1.x versions prior to 14.1.4.6, a stored cross-sitEPSS 0.6%CVE-2022-27875MEDIUMOn F5 Access for Android 3.x versions prior to 3.0.8, a Task Hijacking vulnerability exists in the F5 Access for Android application, which EPSS 0.6%CVE-2022-35728HIGHiControl REST vulnerability CVE-2022-35728EPSS 0.6%CVE-2023-24594MEDIUMBIG-IP TMM SSL vulnerabilityEPSS 0.6%CVE-2024-47139MEDIUMF5 BIG-IQ VulnerabilityEPSS 0.5%CVE-2024-32049HIGHBIG-IP Next Central Manager vulnerabilityEPSS 0.5%CVE-2025-1695MEDIUMNGINX Unit Java VulnerabilityEPSS 0.5%CVE-2023-40534HIGHBIG-IP HTTP/2 vulnerabilityEPSS 0.5%CVE-2023-40542HIGHBIG-IP TCP Profile vulnerabilityEPSS 0.5%CVE-2023-42768HIGHBIG-IP iControl REST vulnerabilityEPSS 0.5%CVE-2026-27651HIGHNGINX ngx_mail_auth_http_module vulnerabilityEPSS 0.5%CVE-2022-41780MEDIUMF5OS CLI vulnerability CVE-2022-41780EPSS 0.5%CVE-2023-22302MEDIUMBIG-IP HTTP profile vulnerabilityEPSS 0.5%CVE-2023-28656HIGHNGINX Management Suite vulnerabilityEPSS 0.5%CVE-2024-25560HIGHTMM VulnerabilityEPSS 0.5%CVE-2020-5853—In BIG-IP APM portal access on versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, when backend seEPSS 0.5%CVE-2023-22326MEDIUMiControl REST and tmsh vulnerabilityEPSS 0.5%