BIG-IP VE is a virtual appliance that runs F5 BIG-IP modules, including advanced traffic management, application security, application acceleration, DNS, network firewalling, and secure access management. The software comes in three editions - "Good," "Better," and "Best," each containing a different set of modules.

F5 BIG-IP Virtual Edition

F5 BIG-IP Virtual Edition (tier - better)

F5 BIG-IP Virtual Edition (tier - best)

A vulnerability exists in an undisclosed BIG-IP Configuration utility page that may allow an attacker to spoof error messages.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-61990	HIGH	8.7	F5 BIG-IP Virtual Edition	cpe:2.3:a:f5:big-ip_access_policy_manager	No	Yes	Oct 15, 2025
CVE-2025-58071	HIGH	8.7	F5 BIG-IP Virtual Edition	cpe:2.3:a:f5:big-ip_local_traffic_manager	No	Yes	Oct 15, 2025
CVE-2025-61974	HIGH	8.7	F5 BIG-IP Virtual Edition	cpe:2.3:a:f5:big-ip_access_policy_manager	No	Yes	Oct 15, 2025
CVE-2025-61958	HIGH	8.5	F5 BIG-IP Virtual Edition	cpe:2.3:a:f5:big-ip_access_policy_manager	No	Yes	Oct 15, 2025
CVE-2026-20732	LOW	2.3	F5 BIG-IP Virtual Edition	cpe:2.3:a:f5:big-ip_domain_name_system	No	Yes	Feb 04, 2026

CVE-2026-20732:
F5 BIG-IP Virtual Edition vulnerability analysis and mitigation

2.3

Related F5 BIG-IP Virtual Edition vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2026-20732: F5 BIG-IP Virtual Edition vulnerability analysis and mitigation