CVE-2026-21918 Junos OS: SRX and MX Series: When TCP packets occur in a specific sequence flowd crashes

🗓️ 15 Jan 2026 20:27:54Reported by juniperType

Flowd double free in Junos OS on SRX and MX causes flowd crash and Denial of Service during TCP session setup.

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2026-21918	15 Jan 202620:27	–	attackerkb
Circl	CVE-2026-21918	15 Jan 202621:54	–	circl
CNNVD	Juniper Networks Junos OS resource management error vulnerability	15 Jan 202600:00	–	cnnvd
CVE	CVE-2026-21918	15 Jan 202620:27	–	cve
EUVD	EUVD-2026-2697	15 Jan 202620:27	–	euvd
Tenable Nessus	Juniper Junos OS Vulnerability (JSA106018)	14 Jan 202600:00	–	nessus
NCSC	Vulnerabilities fixed in Juniper Networks JunOS	16 Jan 202610:07	–	ncsc
NVD	CVE-2026-21918	15 Jan 202621:16	–	nvd
Positive Technologies	PT-2026-3130	15 Jan 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-21918	16 Jan 202621:33	–	redhatcve

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "SRX Series",
      "MX Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "22.4R3-S7",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "23.2R2-S3",
        "status": "affected",
        "version": "23.2",
        "versionType": "semver"
      },
      {
        "lessThan": "23.4R2-S4",
        "status": "affected",
        "version": "23.4",
        "versionType": "semver"
      },
      {
        "lessThan": "24.2R2",
        "status": "affected",
        "version": "24.2",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
kb	www.kb.juniper.net/JSA106018
supportportal	www.supportportal.juniper.net/JSA106018

15 Jan 2026 20:27Current

CVSS 3.17.5

CVSS 48.7

EPSS0.00375

CWE-415