High severity8.7NVD Advisory· Published May 13, 2026· Updated May 13, 2026
CVE-2026-34176
CVE-2026-34176
Description
When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Patches
Vulnerability mechanics
References
1News mentions
1- F5 Patches Over 50 VulnerabilitiesSecurityWeek · May 14, 2026