Memory Consumption Issue in F5 HTTP/2 Virtual Server
CVE-2026-41227

8.7HIGH

Key Information:

Vendor: F5
Status: Big-ip
Vendor: CVE Published:; 13 May 2026

What is CVE-2026-41227?

A vulnerable configuration in F5's HTTP/2 virtual server can lead to increased memory usage due to undisclosed traffic patterns. This can cause the Traffic Management Microkernel (TMM) process to terminate unexpectedly, affecting service availability. It's important to ensure that the configurations are thoroughly evaluated and updated as necessary to mitigate these risks and maintain optimal performance.

Affected Version(s)

BIG-IP 17.5.0 < 17.5.1.4

BIG-IP 17.1.0 < 17.1.3.1

BIG-IP 16.1.0

References

https://my.f5.com/manage/s/article/K000158979

vendor-advisorypatch

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2026
Vulnerability Reserved
Apr 30, 2026

Credit

CVE-2026-41227 Data

JSON