BIG-IP Traffic Manager May Crash from Undisclosed Traffic

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.7

BIG-IP Traffic Manager May Crash from Undisclosed Traffic

CVE-2026-2507

Summary

BIG-IP Traffic Manager (TMM) may terminate unexpectedly when receiving certain types of traffic. This issue affects BIG-IP AFM and BIG-IP DDoS systems, which could cause downtime. F5 recommends keeping software up to date to mitigate this risk.

Original title

When BIG-IP AFM or BIG-IP DDoS is provisioned, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Original description

When BIG-IP AFM or BIG-IP DDoS is provisioned, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

nvd CVSS3.1 7.5

nvd CVSS4.0 8.7

Vulnerability type

CWE-476 NULL Pointer Dereference

https://my.f5.com/manage/s/article/K000160003

Published: 18 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026