CVE-2026-40060

Published: Mag 13, 2026 Last Modified: Mag 13, 2026
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 8,7
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Confidentiality: N/A
Integrity: N/A
Availability: N/A
HIGH 7,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high

Description

AI Translation Available

When a BIG-IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. 

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

252

Unchecked Return Value

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Integrity
Potential Impacts:
Unexpected State Dos: Crash, Exit, Or Restart
Applicable Platforms
All platforms may be affected
Likelihood of Exploit: Low
View CWE Details
https://my.f5.com/manage/s/article/K000160727
https://my.f5.com/manage/s/article/K000160727