CVE-2026-33779

The CVE concerns Junos OS on SRX Series failing to properly verify the server certificate when provisioning to Security Director cloud, enabling a PITM to intercept traffic and access credentials and sensitive data. Affected Junos OS versions include all before 22.4R3-S9, 23.2 before 23.2R2-S6, 2...

CVE-2026-33775

A Missing Release of Memory after Effective Lifetime vulnerability in the BroadBand Edge subscriber management daemon bbe-smgd of Juniper Networks Junos OS on MX Series allows an adjacent, unauthenticated attacker to cause a Denial of Service DoS. If the authentication packet-type option is...

CVE-2026-33775 Junos OS: MX Series: Mismatch between configured and received packet types causes memory leak in bbe-smgd

A Missing Release of Memory after Effective Lifetime vulnerability in the BroadBand Edge subscriber management daemon bbe-smgd of Juniper Networks Junos OS on MX Series allows an adjacent, unauthenticated attacker to cause a Denial of Service DoS. If the authentication packet-type option is...

CVE-2026-33782 Junos OS: MX Series: In specific DHCPv6 scenarios jdhcpd memory increases continuously with subscriber logouts

A Missing Release of Memory after Effective Lifetime vulnerability in the DHCP daemon jdhcpd of Juniper Networks Junos OS on MX Series, allows an adjacent, unauthenticated attacker to cause a memory leak, that will eventually cause a complete Denial-of-Service DoS. In a DHCPv6 over PPPoE, or DHCP...

CVE-2026-33782

A Missing Release of Memory after Effective Lifetime vulnerability in the DHCP daemon jdhcpd of Juniper Networks Junos OS on MX Series, allows an adjacent, unauthenticated attacker to cause a memory leak, that will eventually cause a complete Denial-of-Service DoS. In a DHCPv6 over PPPoE, or DHCP...

CVE-2026-33780

A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service DoS. In an EVPN-MPLS...

CVE-2026-33773 Junos OS: EX Series, QFX Series: If the same egress filter is configured on both an IRB and a physical interface one of those is not applied

An Incorrect Initialization of Resource vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on specific EX Series and QFX Series device allows an unauthenticated, network-based attacker to cause an integrity impact to downstream networks. When the same family inet or...

CVE-2026-33773

An Incorrect Initialization of Resource vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on specific EX Series and QFX Series device allows an unauthenticated, network-based attacker to cause an integrity impact to downstream networks. When the same family inet or...

CVE-2026-33786

An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon chassisd of Juniper Networks Junos OS on SRX1600, SRX2300 and SRX4300 allows a local attacker with low privileges to cause a complete Denial of Service DoS. When a specific 'show chassis' CLI comma...

CVE-2026-33786

CVE-2026-33786 affects Juniper Networks Junos OS running on SRX1600, SRX2300, and SRX4300. The issue is an Improper Check for Unusual or Exceptional Conditions in the chassis control daemon (chassisd), allowing a local, low-privilege attacker to cause a complete Denial of Service. When a specific...

CVE-2026-21919

An Incorrect Synchronization vulnerability in the management daemon mgd of Juniper Networks Junos OS and Junos OS Evolved allows a network-based attacker with low privileges to cause a complete Denial-of-Service DoS of the management plane. When NETCONF sessions are quickly established and...

CVE-2026-21919 Junos OS and Junos OS Evolved: A high frequency of connecting and disconnecting NETCONF sessions causes management unavailability

An Incorrect Synchronization vulnerability in the management daemon mgd of Juniper Networks Junos OS and Junos OS Evolved allows a network-based attacker with low privileges to cause a complete Denial-of-Service DoS of the management plane. When NETCONF sessions are quickly established and...

CVE-2026-33793

An Execution with Unnecessary Privileges vulnerability in the User Interface UI of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to gain root privileges, thus compromising the system. When a configuration that allows unsigned Python op scripts is present o...

CVE-2026-33793 Junos OS and Junos OS Evolved: When an unsigned Python op script configuration is present, a local low privileged user can compromise the system

An Execution with Unnecessary Privileges vulnerability in the User Interface UI of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to gain root privileges, thus compromising the system. When a configuration that allows unsigned Python op scripts is present o...

CVE-2026-33793 Junos OS and Junos OS Evolved: When an unsigned Python op script configuration is present, a local low privileged user can compromise the system

An Execution with Unnecessary Privileges vulnerability in the User Interface UI of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to gain root privileges, thus compromising the system. When a configuration that allows unsigned Python op scripts is present o...

CVE-2026-33793

CVE-2026-33793 describes an Execution with Unnecessary Privileges in the Junos OS/Junos OS Evolved UI. If a device has a configuration that allows unsigned Python op scripts, a non-root user can run malicious op scripts and escalate to root-equivalent privileges, compromising the system. Affected...

CVE-2026-40111

PraisonAIAgents memory/hooks.py allows OS command injection via a user-controlled string passed to subprocess.run() with shell=True before 1.5.128. No sanitization occurs, shell metacharacters are interpreted by /bin/sh, enabling execution of arbitrary commands. Two attack surfaces exist: pre_run...

CVE-2026-5978 Totolink A7100RU CGI cstecgi.cgi setWiFiAclRules os command injection

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument mode leads to os command injection. The attack can be initiated remotely. Th...

CVE-2026-5977 Totolink A7100RU CGI cstecgi.cgi setWiFiBasicCfg os command injection

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. This impacts the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument wifiOff can lead to os command injection. It is possible to launch the attack...

CVE-2026-5976 Totolink A7100RU CGI cstecgi.cgi setStorageCfg os command injection

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument sambaEnabled results in os command injection. It is possible to initiate th...