Application Delivery / ADC · head-to-head
F5 vs HAProxy
L4-L7 load balancers, ADCs and reverse proxies. Counts are scoped to this segment and the selected published-date window. F5 carries 26.0× the disclosed CVE volume of HAProxy. Volume reflects disclosure practice and install base as much as code quality — read it with the severity mix. Sourced from the NIST NVD; lower counts indicate a smaller disclosed vulnerability surface — not necessarily lower risk.
Disclosure record
Bars are normalized per row to the larger value; the leading count is emphasized.
| F5 | Metric | HAProxy | ||
|---|---|---|---|---|
| 130 | Total CVEs | 5 | ||
| 2 | Critical | 0 | ||
| 82 | High | 4 | ||
| 41 | Medium | 1 | ||
| 5 | Low | 0 | ||
| 322 | Open in latest | 14 |
Risk profile
Each severity band as a share of the vendor's own total — strips out raw volume so the profiles compare directly.
F5
1.5% critical- Critical
- 21.5%
- High
- 8263.1%
- Medium
- 4131.5%
- Low
- 53.8%
HAProxy
0.0% critical- Critical
- 00.0%
- High
- 480.0%
- Medium
- 120.0%
- Low
- 00.0%
Recent activity
Latest in-window disclosures per vendor, newest first. Each ID links to its NVD record.
F5
| CVE | Severity | CVSS | Published |
|---|---|---|---|
| CVE-2026-48142(opens NVD record) | Medium | 4.8 | Jun 17, 2026 |
| CVE-2026-42530(opens NVD record) | High | 8.1 | Jun 17, 2026 |
| CVE-2026-42055(opens NVD record) | High | 8.1 | Jun 17, 2026 |
| CVE-2026-9256(opens NVD record) | High | 8.1 | May 22, 2026 |
| CVE-2026-42946(opens NVD record) | Medium | 6.5 | May 13, 2026 |
| CVE-2026-42945(opens NVD record) | High | 8.1 | May 13, 2026 |
HAProxy
| CVE | Severity | CVSS | Published |
|---|---|---|---|
| CVE-2026-55204(opens NVD record) | High | 7.5 | Jun 18, 2026 |
| CVE-2026-55203(opens NVD record) | High | 7.5 | Jun 18, 2026 |
| CVE-2026-33555(opens NVD record) | Medium | 4.0 | Apr 13, 2026 |
| CVE-2025-11230(opens NVD record) | High | 7.5 | Nov 19, 2025 |
| CVE-2024-45506(opens NVD record) | High | 7.5 | Sep 4, 2024 |
Track new CVEs for these vendors
Get an email the moment a new vulnerability is disclosed for the products you rely on.