EarlyNarratives
Pricing
Start free trialSign in
Start free trialSign in
Signal

CVE-2026-2507: F5 BIG-IP afm/ddos hybrid defender TMM DoS advisory

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-02-18 19:18 UTCUpdated 2026-02-19 03:00 UTC
rss
cvevulnerabilitydosnetwork_securityadvisorypatching
Source links open
Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.
BackEvidence (3)Get the free brief by emailStart free trial
No card needed for the free brief.
Evidence trail (top sources)
top sources (3 domains)domains are deduped. counts indicate coverage, not truth.
3 top sources shown
Vulnerability in F5 BIG-IP AFM and BIG-IP DDoS Hybrid Defender
NCSC-FI - Vulnerabilities · Advisory · nvd.nist.gov · 2026-02-19 03:00 UTC
BIG-IP AFM and DDoS Hybrid Defender: CVSS (Max): 7.5
AusCERT - Bulletins · News · portal.auscert.org.au · 2026-02-19 02:41 UTC
F5 security advisory (AV26-144)
Canadian Centre for Cyber Security - Alerts · News · cyber.gc.ca · 2026-02-18 19:18 UTC
View all evidence
Overview

Multiple security channels are converging on CVE-2026-2507 affecting F5 BIG-IP AFM and BIG-IP DDoS Hybrid Defender. Advisories describe a remotely triggerable denial-of-service condition where certain traffic can cause the BIG-IP Traffic Management Microkernel (TMM) to terminate, disrupting traffic while the process restarts. Guidance across sources emphasizes reviewing vendor advisory details and applying patches/updates.

Entities
F5 NetworksBIG-IP AFMBIG-IP DDoS Hybrid DefenderTraffic Management Microkernel (TMM)
Score total
1.26
Momentum 24h
3
Posts
3
Origins
3
Source types
1
Duplicate ratio
0%
Why now
  • F5 advisory and downstream alerts were published Feb 18–19, 2026
  • Coordinated bulletin coverage increases likelihood of rapid defender action
  • Patch/upgrade guidance is being actively circulated by national/CSIRT sources
Why it matters
  • Remote, unauthenticated DoS can disrupt traffic on affected BIG-IP systems
  • Applies to security/DDoS-related BIG-IP modules (AFM, DDoS Hybrid Defender)
  • Operational impact: TMM termination and restart-driven traffic disruption
LLM analysis
Topic mix: lowPromo risk: lowSource quality: high
Recurring claims
  • CVE-2026-2507 impacts F5 BIG-IP AFM and BIG-IP DDoS Hybrid Defender via a TMM termination/traffic disruption condition.
  • The issue can be triggered remotely without authentication and results in denial-of-service/traffic disruption while TMM restarts.
  • Defender guidance is to review the advisory and apply the necessary updates/patches.
How sources frame it
  • Canadian Centre For Cyber Security: neutral
  • AusCERT: neutral
  • NVD Entry For CVE-2026-2507: neutral
All evidence
All evidence
Vulnerability in F5 BIG-IP AFM and BIG-IP DDoS Hybrid Defender
NCSC-FI - Vulnerabilities · nvd.nist.gov · 2026-02-19 03:00 UTC
BIG-IP AFM and DDoS Hybrid Defender: CVSS (Max): 7.5
AusCERT - Bulletins · portal.auscert.org.au · 2026-02-19 02:41 UTC
F5 security advisory (AV26-144)
Canadian Centre for Cyber Security - Alerts · cyber.gc.ca · 2026-02-18 19:18 UTC
Show filters & breakdown
Posts loaded: 0Publishers: 3Origin domains: 3Duplicates: -
Showing 3 / 0
Top publishers (this list)
  • NCSC-FI - Vulnerabilities (1)
  • AusCERT - Bulletins (1)
  • Canadian Centre for Cyber Security - Alerts (1)
Top origin domains (this list)
  • nvd.nist.gov (1)
  • portal.auscert.org.au (1)
  • cyber.gc.ca (1)