CVE-2025-53521, a critical remote code execution vulnerability in F5 BIG-IP Access Policy Manager, was added to CISA KEV on March 27, 2026 with an FCEB remediation deadline of March 30, 2026 — two days from the date of this rollup. With an EPSS percentile of 95.3%, exploitation probability is high in the near term. BIG-IP APM’s role as a network access control and application delivery gateway means compromise could enable broad network access and lateral movement; all organizations should treat this as an emergency-priority item and consult the F5 Security Advisory directly for affected versions and patch guidance.