VDB
CVE-2026-22548
CVE-2026-22548
PUBLISHED
CVSS 5.900000095367432 MEDIUM
When a BIG-IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests along with conditions beyond the attacker's control can cause the bd process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
EPSS 0.09% · 25.2th percentile
Risk Scores
CVSS 3.1
5.900000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.09%
25.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| F5 | BIG-IP | 17.5.0, 17.1.0, 21.0.0 |
| f5 | big-ip_application_security_manager | 17.1.0, 17.1.0 |
| f5 | big-ip_advanced_web_application_firewall | 17.1.0, 17.1.0 |
Exploit Intelligence
- CIRCL seen: CVE-2026-22548 (circl-sighting)
- CIRCL seen: CVE-2026-22548 (circl-sighting)
- https://my.f5.com/manage/s/article/K000158072 (circl)
Timeline
- Feb 4, 2026 CVE Published
- Feb 4, 2026 CVE Updated
- Feb 5, 2026 EPSS Score
- Feb 5, 2026 PoC Published
- Feb 7, 2026 EPSS Score
- Feb 9, 2026 EPSS Score
- Feb 9, 2026 PoC Published
- Feb 12, 2026 EPSS Score
- Feb 14, 2026 EPSS Score
- Feb 16, 2026 EPSS Score
- Feb 18, 2026 EPSS Score
- Feb 20, 2026 EPSS Score
References
- https://my.f5.com/manage/s/article/K000156643 advisory
- https://my.f5.com/manage/s/article/K000157960 advisory
- https://my.f5.com/manage/s/article/K000159824 advisory
- https://my.f5.com/manage/s/article/K000158931 advisory
- https://my.f5.com/manage/s/article/K000159076 advisory
- https://my.f5.com/manage/s/article/K000156644 advisory
- https://my.f5.com/manage/s/article/K000158072 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-22548 advisory