7989 matches found
CVE-2026-57054
CVE-2026-57054 describes a Use of Incorrectly-Resolved Name or Reference vulnerability in the URL filtering plugin of Juniper Networks Junos OS on MX Series. The issue allows an unauthenticated, network-based attacker to bypass web filtering and access downstream resources that should be unreacha...
CVE-2026-57054
A Use of Incorrectly-Resolved Name or Reference vulnerability in the URL filtering plugin of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass web filtering and access downstream resources that should be unreachable. If an MX Series device is...
CVE-2026-57032 Junos OS: EX Series: Subscribing to an unsupported telemetry sensor path causes fxpc process crash
An Improper Handling of Undefined Parameters vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on EX Series devices allows an authenticated attacker with low privileges to cause a Denial-of-Service DoS. If an attempt is made to subscribe to an unsupported telemetry...
CVE-2026-57032
An Improper Handling of Undefined Parameters vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on EX Series devices allows an authenticated attacker with low privileges to cause a Denial-of-Service DoS. If an attempt is made to subscribe to an unsupported telemetry...
CVE-2026-57032
CVE-2026-57032 describes an improper handling of undefined parameters in the packet forwarding engine (pfe) of Juniper Networks Junos OS on EX Series devices. When attempting to subscribe to an unsupported telemetry sensor path on EX2300, EX3400, EX4000, EX4100, and EX4400 via gRPC, the Front Pan...
CVE-2026-57031
Summary of CVE-2026-57031 (Junos OS MX Series): A vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on MX Series devices allows adjacent subscribers configured on static interfaces to bypass ingress firewall filters, disabling both protocol-level and upstream bandwi...
CVE-2026-57031
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on MX Series allows adjacent subscribers to bypass configured firewall filters. On MX Series devices with MPC10/11, LC4800/9600, and MX304 with subscribers...
CVE-2026-57031 Junos OS: MX Series: For subscribers configured on static interfaces, input filters are not in effect
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on MX Series allows adjacent subscribers to bypass configured firewall filters. On MX Series devices with MPC10/11, LC4800/9600, and MX304 with subscribers...
CVE-2026-57030
CVE-2026-57030 describes a race condition in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series. The vulnerability occurs during flow timeout handling in stateful traffic processing: a race when setting a flow’s timeout can cause the value to be set to an abnormally hig...
CVE-2026-57030 Junos OS: SRX Series: Flow sessions are not getting cleared leading to a DoS
A Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. As part of the stateful...
CVE-2026-57029
CVE-2026-57029 describes a missing synchronization vulnerability in the flow collector handler of Junos OS Evolved on QFX Series. When the reachability of an sFlow collector changes, updating the next-hop entry can race with the sFlow thread accessing the same data, causing the evo-pfemand proces...
CVE-2026-57029 Junos OS Evolved: QFX Series: When sFlow collector reachability changes evo-pfemand process can crash
A Missing Synchronization vulnerability in the flow collector handler of Juniper Networks Junos OS Evolved on QFX Series allows an adjacent, unauthenticated attacker to cause a Denial-of-Service DoS. When the reachability of an sFlow collector changes, the corresponding next-hop entry is...
CVE-2026-57029
A Missing Synchronization vulnerability in the flow collector handler of Juniper Networks Junos OS Evolved on QFX Series allows an adjacent, unauthenticated attacker to cause a Denial-of-Service DoS. When the reachability of an sFlow collector changes, the corresponding next-hop entry is...
CVE-2026-57028
CVE-2026-57028 affects Juniper Networks Junos OS Evolved. An incorrectly initialized process meant to communicate only internally can be reached over the network via an open port, enabling an unauthenticated, network-based attacker to gain unauthorized access to license management. Affected scope...
CVE-2026-57028
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause license exhaustion. Due to an incorrect initialization, a process which should only be able to communicate internall...
CVE-2026-57028 Junos OS Evolved: A port which has been inadvertently exposed can be reached by an attacker
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause license exhaustion. Due to an incorrect initialization, a process which should only be able to communicate internall...
CVE-2026-57027
CVE-2026-57027 affects Juniper Networks Junos OS on EX4100 and EX4400 in sFlow VC deployments. When multicast traffic is exchanged between VC members, a memory leak in the packet forwarding engine (pfe) can cause an FPC crash and restart, leading to DoS for unauthenticated adjacent attackers. Aff...
CVE-2026-57026 Junos OS: MX Series with SPC3, SRX Series: Processing of a specifically malformed SIP invite causes a flowd crash
An Improper Validation of Syntactic Correctness of Input vulnerability in the SIP plugin of Juniper Networks Junos OS on MX Series with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS.If the SIP ALG is enabled on an affected device, the...
CVE-2026-57026
An Improper Validation of Syntactic Correctness of Input vulnerability in the SIP plugin of Juniper Networks Junos OS on MX Series with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS.If the SIP ALG is enabled on an affected device, the...
CVE-2026-57026
CVE-2026-57026 affects Junos OS on MX Series with SPC3 and SRX Series . The issue is an Improp er Validation of Syntactic Correctness of Input in the SIP plugin, enabling an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS) . When the SIP ALG is enabled, processing a malf...