Improper Sanitization Vulnerability in BIG-IP QKView Utility by F5 Networks
CVE-2026-41219

7.1HIGH

Key Information:

Vendor: F5
Status: Big-ip; Big-iq
Vendor: CVE Published:; 13 May 2026

What is CVE-2026-41219?

An improper sanitization vulnerability in the BIG-IP QKView utility may allow low-privileged attackers to access sensitive data contained in QKView files. This flaw raises significant security concerns, as it compromises the confidentiality of the information stored within these files. Remediation measures should be implemented promptly to safeguard against unauthorized data exposure.

Affected Version(s)

BIG-IP 17.5.0 < 17.5.1.4

BIG-IP 17.1.0 < 17.1.3.1

BIG-IP 16.1.0

References

https://my.f5.com/manage/s/article/K000157895

vendor-advisorypatch

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2026
Vulnerability Reserved
Apr 30, 2026

Credit

CVE-2026-41219 Data

JSON