Issues Resolved
- Last Updated: January 9, 2026
- LoadMaster
- LoadMaster GA
- Documentation
| LM-8357 | Security: Fixed a Stored Cross-Site Scripting (XSS) issue in /progs/doconfig/setclickthrough. |
| LM-8315 | Security: Fixed a Command Injection Remote Code Execution (RCE) vulnerability in the delcert Application Programming Interface (API) and User Interface (UI). |
| LM-8314 | Security: Fixed a Command Injection Remote Code Execution (RCE) vulnerability in the getcipherset API and UI. |
| LM-8313 | Security: Fixed a Command Injection Remote Code Execution (RCE) vulnerability in the addapikey API and UI. |
| LM-8312 | Security: Fixed a Command Injection Remote Code Execution (RCE) vulnerability in the listapikeys API and UI. |
| LM-8311 | Security: Fixed a Stored Cross-Site Scripting (XSS) issue in /progs/doconfig/setmotd. |
| LM-8310 | Security: Fixed a Directory Traversal to File Enumeration issue in the dodownloadwafauditlog API and UI. |
| LM-8309 | Security: Fixed a Command Injection Remote Code Execution (RCE) vulnerability in the delapikey API and UI. |
| LM-8304 | SNMP: Fixed an issue with SNMP walk commands when more than 1024 Real Servers have been defined. |
| LM-8303 | SNMP: Fixed a segmentation fault that occurs when an SNMP walk is performed and the configuration file changes simultaneously. |
| LM-8301 | API: Fixed a JSON formatting issue with the APIv2 aslgetlicensetypes command. |
| LM-8300 | GEO: Fixed an issue that causes "location latitude failure" logs to appear repeatedly when the user browses the GEO UI pages. |
| LM-8299 | Kubernetes Ingress Controller (KIC): Fixed a memory leak that caused failures when updates are pushed to pods. |
| LM-8298 | SubVS Persistence: Fixed an issue where enabling Share SubVS Persistence causes a reboot. |
| LM-8297 | Web Application Firewall (WAF)/Auditconsole: Fixed an intermittent issue that caused WAF event logs to no longer be sent to a configured AuditConsole. |
| LM-8296 | WAF: Fixed an issue (which occurred in 7.2.62.0) where event logs were missing client info. |
| LM-8294 | L7 Request Logging: Fixed an issue (which occurred in 7.2.62.0) where all request logs always return a 200 response code. |
| LM-8293 | WAF: Fixed an issue with ModSecurity (CVE-2025-52891) that causes a segfault when processing XML payloads with empty elements. |
| LM-8292 | WAF: Fixed an issue where CPU usage spikes due to processes not terminating cleanly under heavy load. |
| LM-8289 | SSO Remote Logging: Fixed an issue where logs might not be sent to a remote syslog server due to an internal error. |
| LM-8022 | Platforms: Added support for AMD processors in public and private clouds that support them. |
| LM-8021 | Kernel: Fixed a null pointer dereference that caused a system crash. |