CVE-2026-21905 Junos OS: SRX Series, MX Series with MX-SPC3 or MS-MPC: Receipt of multiple specific SIP messages results in flow management process crash

🗓️ 15 Jan 2026 20:19:22Reported by juniperType

Unauthenticated SIP messages over transmission control protocol crash flow management on Junos OS SRX and MX, causing denial of service.

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2026-21905	15 Jan 202620:19	–	attackerkb
Circl	CVE-2026-21905	15 Jan 202622:14	–	circl
CNNVD	Juniper Networks Junos OS security vulnerabilities	15 Jan 202600:00	–	cnnvd
CVE	CVE-2026-21905	15 Jan 202620:19	–	cve
EUVD	EUVD-2026-2687	15 Jan 202620:19	–	euvd
NCSC	Vulnerabilities fixed in Juniper Networks JunOS	16 Jan 202610:07	–	ncsc
NVD	CVE-2026-21905	15 Jan 202621:16	–	nvd
OSV	CVE-2026-21905	15 Jan 202621:16	–	osv
Positive Technologies	PT-2026-3119	15 Jan 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-21905	16 Jan 202621:33	–	redhatcve

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "SRX Series",
      "MX Series with MX-SPC3",
      "MX Series with MS-MPC"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "21.2R3-S10",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3-S12",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.4R3-S8",
        "status": "affected",
        "version": "22.4",
        "versionType": "semver"
      },
      {
        "lessThan": "23.2R2-S5",
        "status": "affected",
        "version": "23.2",
        "versionType": "semver"
      },
      {
        "lessThan": "23.4R2-S6",
        "status": "affected",
        "version": "23.4",
        "versionType": "semver"
      },
      {
        "lessThan": "24.2R2-S3",
        "status": "affected",
        "version": "24.2",
        "versionType": "semver"
      },
      {
        "lessThan": "24.4R2-S1",
        "status": "affected",
        "version": "24.4",
        "versionType": "semver"
      },
      {
        "lessThan": "25.2R1-S1, 25.2R2",
        "status": "affected",
        "version": "25.2",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
kb	www.kb.juniper.net/JSA106004
supportportal	www.supportportal.juniper.net/JSA106004

15 Jan 2026 20:19Current

CVSS 3.17.5

CVSS 48.7

EPSS0.00367

CWE-835