CVE-2026-20730

CWE-200 — Information Exposure5 documents5 sources

Severity

2.0LOW

EPSS

0.0%

top 91.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

F5 Big-ip Edge Client F5 Big-ip Access Policy Manager F5 Big-ip Access Policy Manager Client

Timeline

PublishedFeb 4

Description

A vulnerability exists in BIG-IP Edge Client and browser VPN clients on Windows that may allow attackers to gain access to sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Packages3 packages

▶CVEListV5f5/big-ip_edge_client7.2.5 — 7.2.6.2

▶NVDf5/big-ip_access_policy_manager_client7.2.5 — 7.2.6.2

▶NVDf5/big-ip_access_policy_manager17.1.0 — 17.1.3.1+3

🔴Vulnerability Details

GHSA

GHSA-w766-9fv5-g368: A vulnerability exists in BIG-IP Edge Client and browser VPN clients on Windows that may allow attackers to gain access to sensitive information↗2026-02-04

▶

CVEList

BIG-IP Edge Client for Windows vulnerability↗2026-02-04

▶

📋Vendor Advisories

CVE-2026-20730: A vulnerability exists in BIG-IP Edge Client and browser VPN clients on Windows that may allow attackers to gain acce...↗2026-02-04

▶

🕵️Threat Intelligence

Wiz

CVE-2026-20730 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶