CVE-2026-42781 is a vulnerability in F5 Networks Big Ip
Published on May 13, 2026

BIG-IP FastL4 virtual server vulnerability
When embedded Packet Velocity Acceleration (ePVA) acceleration is configured, undisclosed local ethernet traffic can cause an increase in ePVA and Traffic Management Microkernel (TMM) resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Vendor Advisory NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

NONE

Availability Impact:

HIGH

Weakness Type

What is an Infinite Loop Vulnerability?

The program contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop. If the loop can be influenced by an attacker, this weakness could allow attackers to consume excessive resources such as CPU or memory.

CVE-2026-42781 has been classified to as an Infinite Loop vulnerability or weakness.

Products Associated with CVE-2026-42781

Want to know whenever a new CVE is published for F5 Networks Big Ip? stack.watch will email you.

F5 Networks Big Ip

Affected Versions

F5 BIG-IP:

Version 21.1.0 and below * is unaffected.
Version 21.0.0 and below 21.0.0.1 is affected.
Version 17.5.0 and below 17.5.1.4 is affected.
Version 17.1.0 and below 17.1.3.1 is affected.
Version 16.1.0 and below * is unaffected.

CVE-2026-42781 is a vulnerability in F5 Networks Big IpPublished on May 13, 2026

Vulnerability Analysis

Weakness Type

What is an Infinite Loop Vulnerability?

Products Associated with CVE-2026-42781

Affected Versions

CVE-2026-42781 is a vulnerability in F5 Networks Big Ip
Published on May 13, 2026