CVE-2026-8711 — Vulnetix

CVE-2026-8711 PUBLISHED

On May 19, 2026, F5 published a security advisory to address a critical vulnerability in the following product: NGINX JavaScript (njs) – versions 0.9.4 to 0.9.8 The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

EPSS 0.10% · 26.5th percentile

Risk Scores

EPSS Score

0.10%

26.5th percentile

Affected Products

Vendor	Product	Versions
NGINX	NGINX JavaScript (njs) – de la version 0.9.4 à 0.9.8.
NGINX	NGINX JavaScript (njs) – versions 0.9.4 to 0.9.8

Timeline

May 19, 2026 CVE Published
May 19, 2026 PoC Published
May 20, 2026 EPSS Score
May 20, 2026 Coalition ESS Score
May 20, 2026 PoC Published
May 20, 2026 Security Advisory
May 21, 2026 EPSS Score
May 22, 2026 EPSS Score
May 23, 2026 EPSS Score
May 24, 2026 EPSS Score
May 25, 2026 EPSS Score
May 26, 2026 EPSS Score

References

https://cyber.gc.ca/en/alerts-advisories/f5-security-advisory-av26-485 advisory
https://my.f5.com/manage/s/article/K000161307 vendor
https://my.f5.com/manage/s/new-updated-articles#f-f5_document_type=Security%20Advisory vendor
https://cyber.gc.ca/fr/alertes-avis/bulletin-securite-f5-av26-485 advisory

Open in Interactive Console →