Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001534)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001534 advisory. arch/powerpc/kvm/book3srtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via...

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-47214)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

Qnap QTS and QuTS hero Out-of-bounds Write (CVE-2024-53699)

An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. We have already fixed the vulnerability in the following versions...

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-52855)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

Qnap QTS and QuTS Hero Buffer Copy without Checking Size of Input (CVE-2024-56805)

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS...

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-48729)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-52424)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

CVE-2026-21920

An Unchecked Return Value vulnerability in the DNS module of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. If an SRX Series device configured for DNS processing, receives a specifically formatted DNS request flowd will...

CVE-2026-21918

A Double Free vulnerability in the flow processing daemon flowd of Juniper Networks Junos OS on SRX and MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. On all SRX and MX Series platforms, when during TCP session establishment a specific sequence of...

CVE-2026-21913

An Incorrect Initialization of Resource vulnerability in the Internal Device Manager IDM of Juniper Networks Junos OS on EX4000 models allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. On EX4000 models with 48 ports EX4000-48T, EX4000-48P, EX4000-48MP a high volu...

CVE-2026-21914

An Improper Locking vulnerability in the GTP plugin of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service Dos. If an SRX Series device receives a specifically malformed GPRS Tunnelling Protocol GTP Modify Bearer Request message, ...

CVE-2026-21913

An Incorrect Initialization of Resource vulnerability in the Internal Device Manager IDM of Juniper Networks Junos OS on EX4000 models allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. On EX4000 models with 48 ports EX4000-48T, EX4000-48P, EX4000-48MP a high volu...

CVE-2026-21908

A Use After Free vulnerability was identified in the 802.1X authentication daemon dot1xd of Juniper Networks Junos OS and Junos OS Evolved that could allow an authenticated, network-adjacent attacker flapping a port to crash the dot1xd process, leading to a Denial of Service DoS, or potentially...

CVE-2026-21910

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on EX4k Series and QFX5k Series platforms allows an unauthenticated network-adjacent attacker flapping an interface to cause traffic between VXLAN Network...

CVE-2026-21905

A Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in the SIP application layer gateway ALG of Juniper Networks Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC allows an unauthenticated network-based attacker sending specific SIP messages over TCP to crash the flow...

CVE-2026-0203

An Improper Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS allows an unauthenticated, network-adjacent attacker sending a specifically malformed ICMP packet to cause an FPC to crash and restart, resulting in a Denial of Service DoS. When an ICMP...

CVE-2026-21903

A Stack-based Buffer Overflow vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS allows a network-based attacker, authenticated with low privileges to cause a Denial-of-Service DoS. Subscribing to telemetry sensors at scale causes all FPC connections to drop, resulting...

CVE-2025-59960

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Juniper DHCP service jdhcpd of Juniper Networks Junos OS and Junos OS Evolved allows a DHCP client in one subnet to exhaust the address pools of other subnets, leading to a Denial of Service DoS on the downstream DHCP...

CVE-2025-60011

An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an availability impact for downstream devices. When an affected device receives a...

CVE-2025-59961

An Incorrect Permission Assignment for Critical Resource vulnerability in the Juniper DHCP daemon jdhcpd of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to write to the Unix socket used to manage the jdhcpd process, resulting in complete control over the...