CVE-2026-33771

A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the...

CVE-2026-21916

creationtimestamp| type| source ---|---|--- 2026-04-09 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities20260410 2026-04-09 22:56:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj3vrfisrd2q 2026-04-09 23:29:35+00:00| seen|...

CVE-2025-52949

An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent BGP peer sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of...

The vulnerability of the user interface of Juniper Networks’ Junos OS and Junos OS Evolved systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the user interface of Juniper Networks’ Junos OS and Junos OS Evolved lies in the insufficient protection of operational data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information by executing a specific command like “show...

PT-2025-1009 · Juniper Networks · Junos Evolved +1

Name of the Vulnerable Software and Affected Versions: Junos OS versions 21.2R3-S8 through 21.2R3-S9 Junos OS versions 21.4R3-S7 through 21.4R3-S9 Junos OS versions 22.2R3-S4 through 22.2R3-S5 Junos OS versions 22.3R3-S2 through 22.3R3-S4 Junos OS versions 22.4R3 through 22.4R3-S5 Junos OS versio...

CVE-2024-21605

An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX 300 Series allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. Specific valid link-local traffic is not blocked on ports in STP blocked state bu...

Vulnerability fixed in Juniper JunOS and JunOS Evolved

Juniper has fixed a vulnerability in JunOS and JunOS Evolved. A malicious party could exploit the vulnerability to cause a denial-of-service attack. The vulnerability is in the way BGP UPDATEs are processed. When a specially prepared UPDATE is sent, it can cause the connection to be dropped...

The vulnerability of the routing protocol demon in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause service interruptions.

The vulnerability of the routing protocol demon on Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Packet Forwarding Engine (PFE) module of the JunOS operating system, which allows a hacker to trigger a service failure.

The vulnerability of the Packet Forwarding Engine PFE module in the JunOS operating system is related to insufficient checking of exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

Vulnerability fixed in Juniper JunOS

Juniper has fixed a vulnerability in JunOS and JunOS Evolved. The vulnerability allows an unauthenticated malicious person at remote user to cause a denial-of-service by sending a sending a rogue BGP message. To do this, the malicious party must have built a valid BGP session. The vulnerability i...

CVE-2021-0277

An Out-of-bounds Read vulnerability in the processing of specially crafted LLDP frames by the Layer 2 Control Protocol Daemon l2cpd of Juniper Networks Junos OS and Junos OS Evolved may allow an attacker to cause a Denial of Service DoS, or may lead to remote code execution RCE. Continued receipt...

The vulnerability of the BGP protocol implementation in the JunOS operating system allows a attacker to cause a service failure.

The vulnerability of the BGP protocol implementation in the JunOS operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

The vulnerability of the Routing Engine module of the JunOS operating system, which allows a hacker to trigger a service failure.

The vulnerability of the Routing Engine module of the JunOS operating system is related to the operation of data out of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability of the Junos operating system’s EVPN/VXLAN technology allows a attacker to trigger a service failure.

The vulnerability of the EVPN/VXLAN technology implementation in Junos routers of the QFX10K series lies in the execution of a loop with an unavailable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

The vulnerability of the Ethernet OAM component of the JunOS operating system, which allows a hacker to trigger a maintenance failure.

The vulnerability of the JunOS operating system’s Ethernet component is related to deficiencies in handling exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

The vulnerability of JunOS’s router operating systems vMX and MX150 allows a hacker to trigger a service failure.

The vulnerability of JunOS’ vMX and MX150 routers exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

The vulnerability of the FPC module in JunOS and JunOS Evolved operating systems allows a hacker to trigger a service failure.

The vulnerability of the FPC module in JunOS and JunOS Evolved operating systems exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the RPD daemon in the JunOS operating system, allowing a intruder to trigger a maintenance failure

The vulnerability of the RPD daemon in the JunOS operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of JunOS’s High-End SRX Series routers lies in insufficient validation of input data, allowing attackers to trigger service interruptions.

The vulnerability of JunOS operating system’s High-End SRX series routers exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

The vulnerability of the jdhcpd daemon in the Junos OS operating system, which allows a hacker to cause a service failure.

The vulnerability of the jdhcpd daemon in the Junos OS operating system is related to resource management errors. Exploiting this vulnerability can allow a attacker to cause service failures...