Deze pagina is nog niet vertaald naar uw taal. We werken eraan — de inhoud wordt voorlopig in het Engels weergegeven.

💡 Keep dependencies up to date — most exploits target known, patchable vulnerabilities.

HIGHCVE-2026-39455CVSS 7.5

CVE-2026-39455: File Descriptor Exhaustion in F5 BIG-IP

wordt vertaald…

Platform

linux

Component

bigip

Opgelost in

21.0.0.2

Bekijk op NVD

Opslaan

Wordt vertaald naar uw taal…

CVE-2026-39455 affects F5 BIG-IP systems utilizing Lightweight Directory Access Protocol (LDAP) authentication. A misconfiguration can trigger an undisclosed traffic pattern, causing the httpd process to exhaust available file descriptors, resulting in a denial-of-service condition. This vulnerability impacts versions 16.1.0 through 21.0.0.2, and a fix is available in version 21.0.0.2.

Impact en Aanvalsscenarioswordt vertaald…

Successful exploitation of CVE-2026-39455 can lead to a denial-of-service (DoS) attack, rendering the affected BIG-IP system unavailable. This disruption can impact critical services relying on the BIG-IP infrastructure, such as load balancing, web application delivery, and security features. The impact extends beyond the immediate system, potentially affecting applications and users dependent on the BIG-IP's functionality. While the vulnerability doesn't directly expose sensitive data, the DoS can disrupt operations and potentially mask other malicious activity. The blast radius is limited to the services managed by the affected BIG-IP instance.

Uitbuitingscontextwordt vertaald…

CVE-2026-39455 has been published on 2026-05-13. Its severity is rated HIGH (CVSS 7.5). Public proof-of-concept (POC) code is currently unavailable. The vulnerability is not listed on KEV or EPSS, suggesting a low to medium probability of exploitation in the short term. Monitor F5 security advisories and threat intelligence feeds for updates.

Dreigingsinformatie

Exploit Status

Proof of ConceptOnbekend

CISA KEVNO

InternetblootstellingHoog

CISA SSVC

Exploitatienone

Automatiseerbaaryes

Technische Impactpartial

CVSS-vector

Wat betekenen deze metrics?

Attack Vector: Netwerk — op afstand uitbuitbaar via internet. Geen fysieke of lokale toegang vereist.
Attack Complexity: Laag — geen speciale voorwaarden vereist. Betrouwbaar uitbuitbaar.
Privileges Required: Geen — geen authenticatie vereist om te exploiteren.
User Interaction: Geen — automatische en stille aanval. Slachtoffer doet niets.
Scope: Ongewijzigd — impact beperkt tot het kwetsbare component.
Confidentiality: Geen — geen vertrouwelijkheidsimpact.
Integrity: Geen — geen integriteitsimpact.
Availability: Hoog — volledige crash of uitputting van resources. Totale denial of service.

Getroffen Software

Componentbigip

LeverancierF5

Minimumversie16.1.0

Maximumversie21.0.0.2

Opgelost in21.0.0.2

Zwakheidsclassificatie (CWE)

CWE-772

Tijdlijn

Gereserveerd2026-04-30
Gepubliceerd2026-05-13

Mitigatie en Workaroundswordt vertaald…

The primary mitigation for CVE-2026-39455 is upgrading to F5 BIG-IP version 21.0.0.2 or later, which includes the fix. If immediate upgrade is not feasible, implement temporary workarounds. Configure a Web Application Firewall (WAF) or proxy to limit or filter LDAP traffic to the BIG-IP system, specifically targeting the traffic pattern that triggers the file descriptor exhaustion. Review LDAP authentication configurations to ensure they adhere to security best practices and minimize unnecessary LDAP traffic. After upgrading, verify the fix by attempting to reproduce the vulnerability with the traffic pattern described in the advisory; the httpd process should not exhaust file descriptors.

Hoe te verhelpenwordt vertaald…

Actualice a una versión corregida de BIG-IP.  Las versiones afectadas incluyen 17.5.1.6, 17.1.3.2, 21.0.0.2 y versiones posteriores de 21.1.0. Consulte la documentación de F5 para obtener instrucciones detalladas de actualización y mitigación.

Veelgestelde vragenwordt vertaald…

What is CVE-2026-39455 — File Descriptor Exhaustion in F5 BIG-IP?

CVE-2026-39455 is a HIGH severity vulnerability in F5 BIG-IP allowing LDAP authentication misconfigurations to exhaust file descriptors, causing a denial-of-service. It affects versions 16.1.0–21.0.0.2.

Am I affected by CVE-2026-39455 in F5 BIG-IP?

You are affected if you are running F5 BIG-IP versions 16.1.0 through 21.0.0.2 and have LDAP authentication enabled. Carefully review your LDAP configuration.

How do I fix CVE-2026-39455 in F5 BIG-IP?

Upgrade to F5 BIG-IP version 21.0.0.2 or later. As a temporary workaround, implement WAF rules to limit LDAP traffic.

Is CVE-2026-39455 being actively exploited?

Currently, there are no public reports of CVE-2026-39455 being actively exploited, but monitoring is crucial.

Where can I find the official F5 advisory for CVE-2026-39455?

Refer to the official F5 security advisory for CVE-2026-39455 on the F5 website: [https://www.f5.com/security/center/advisory/f5-security-advisory-26-07.html](https://www.f5.com/security/center/advisory/f5-security-advisory-26-07.html)

Is jouw project getroffen?

Upload je dependency-bestand en kom direct te weten of deze en andere CVEs jou raken.

Gratis scannen CVEs zoeken

livefree scan

Probeer het nu — geen account

Upload een manifest (composer.lock, package-lock.json, WordPress pluginlijst…) of plak uw componentenlijst. U ontvangt direct een kwetsbaarheidsrapport. Een bestand uploaden is slechts het begin: met een account krijgt u continue monitoring, Slack/e-mail alerts, multi-project en white-label rapporten.

Manual scanSlack/email alertsscanZone.capMonitorWhite-label reports

Sleep uw afhankelijkheidsbestand hierheen

composer.lock, package-lock.json, requirements.txt, Gemfile.lock, pubspec.lock, Dockerfile...

Bestanden zoeken