A vulnerability was found in F5 BIG-IP . It has been classified as critical . The impacted element is an unknown function of the component iControl REST Handler . The manipulation leads to command injection. This vulnerability is uniquely identified as CVE-2026-40061 . The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.