Main Vulnerability Database SB20260414113

SB20260414113 - Information disclosure in BIG-IP Next Moby

Published: April 14, 2026

Security Bulletin ID SB20260414113

Severity

Low

Patch available

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Missing initialization of resource (CVE-ID: CVE-2025-54410)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to Docker fails to re-create iptables rules that isolate bridge networks when firewalld reloads, allowing any container to access all ports on any other container across different bridge networks on the same host. This breaks network segmentation between containers that should be isolated, creating significant risk in multi-tenant environments. A local user can gain unauthorized access to sensitive information on the system.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

https://my.f5.com/manage/s/article/K000160663

SB20260414113 - Information disclosure in BIG-IP Next Moby

Breakdown by Severity

Description

Remediation

References

Please verify you're human