231 matches found
CVE-2026-33780
CVE-2026-33780 concerns a memory leak in Juniper Networks’ l2ald within Junos OS and Junos OS Evolved that is triggered by churn of EVPN-MPLS ESI routes learned from remote multi-homed PE devices. The issue stems from a memory management logic flaw where memory allocated for ESI routes is not rel...
CVE-2026-33790
Threat summary (CVE-2026-33790): Juniper Junos OS on SRX Series is affected by an improper check in the flowd component during NAT64 translation. Receipt of a specific, malformed ICMPv6 packet to the device may crash and restart the srxpfe process, leading to a sustained DoS. Affected software in...
CVE-2025-52947
CVE-2025-52947 affects Juniper Networks Junos OS on ACX1000/1100/2000/2100/2200/4000/5048/5096, older than 21.2R3-S9. Root cause: improper handling of exceptional conditions in route processing when the L2 circuit’s primary path port IGP goes down while hot-standby is configured, causing FEB0 to ...
CVE-2025-52948
Summary: CVE-2025-52948 describes an Improper Handling of Exceptional Conditions vulnerability in the Berkeley Packet Filter (BPF) processing in Juniper Networks Junos OS that can cause the FPC and system to crash and restart under rare traffic patterns, especially when packet capture is enabled....
CVE-2025-52952
CVE-2025-52952 affects Juniper Networks Junos OS on MX Series with MPC-BUILTIN, MPC1–MPC9. The issue is an out-of-bounds write in the CFM daemon that allows an unauthenticated adjacent attacker to send a malformed packet, triggering an FPC crash and device restart and causing a Denial of Service ...
CVE-2025-52984
CVE-2025-52984 – Juniper Junos OS / Junos OS Evolved Root cause: a NULL pointer dereference in the routing protocol daemon (rpd) when a static route points to a reject next hop and a gNMI query is processed for that route, causing rpd to crash and restart and thus impacting device availability. A...
CVE-2025-59962
CVE-2025-59962 affects Juniper Networks Junos OS and Junos OS Evolved with BGP sharding enabled. The issue is an Access of Uninitialized Pointer in the routing protocol daemon (rpd) that can crash and restart rpd when indirect next-hop updates trigger route re-resolution (e.g., an IGP change affe...
CVE-2025-52949
CVE-2025-52949 describes an Improper Handling of Length Parameter Inconsistency in Juniper’s rpd component of Junos OS and Junos OS Evolved. A logically adjacent BGP peer can send a specifically malformed BGP update in EVPN environments, causing rpd to crash and restart, leading to a Denial of Se...
CVE-2026-57027
CVE-2026-57027 affects Juniper Networks Junos OS on EX4100 and EX4400 in sFlow VC deployments. When multicast traffic is exchanged between VC members, a memory leak in the packet forwarding engine (pfe) can cause an FPC crash and restart, leading to DoS for unauthenticated adjacent attackers. Aff...
CVE-2026-21912
CVE-2026-21912 is a TOCTOU race in Juniper Junos OS on MX10k Series affecting LC480/LC2101 line cards. Repeatedly running the CLI command “show system firmware” can cause a line card to crash and restart, with chassisd potentially crashing and generating a core dump after the line card failure. A...
CVE-2026-21918
CVE-2026-21918 describes a Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX and MX Series. The issue allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS) by sending a specific sequence of TCP packets during session...
CVE-2025-52963
CVE-2025-52963 – Junos OS UI access control flaw . A local, low-privileged user with a view permission can issue the risky command to disable an interface, causing a Denial-of-Service. Affected software ranges include: all versions before 21.2R3-S9; 21.4 before 21.4R3-S11; 22.2 before 22.2R3-S7; ...
CVE-2026-33782
CVE-2026-33782 affects Junos OS on MX Series running DHCP daemon (jdhcpd). In specific DHCPv6 scenarios (DHCPv6 over PPPoE or VLAN with Active lease query or Bulk lease query), every subscriber logout leaks memory, leading to memory exhaustion, jdhcpd crash, and a full service impact until recove...
CVE-2025-59960
CVE-2025-59960 affects Juniper Networks Junos OS and Junos OS Evolved. The vulnerability arises in the DHCP service (jdhcpd) where the default DHCP relay behavior allows Option 82 information from a client in one subnet to reach the DHCP server unmodified, enabling a DHCP client to exhaust addres...
CVE-2026-21921
Summary (CVE-2026-21921) : A Use After Free in the chassis daemon (chassisd) of Juniper Junos OS and Junos OS Evolved can allow a network-based attacker with low privileges to cause a Denial-of-Service. The issue arises when telemetry collectors repeatedly subscribe/unsubscribe to sensors, causin...
CVE-2026-57024
The CVE-2026-57024 entry concerns Juniper Junos OS on MX-SPC3 and SRX Series devices, where the iked process can crash under a high volume of VPN negotiation failures. According to the connected documents, repeated VPN failures cause a peer index rollover, leading to new peers being assigned indi...
CVE-2025-59959
CVE-2025-59959 describes an Untrusted Pointer Dereference in Juniper Networks Junos OS and Junos OS Evolved routing protocol daemon (rpd). A local, authenticated attacker with low privileges can trigger a crash/restart of rpd by running the command: show route detail when at least one output rou...
CVE-2025-60011
CVE-2025-60011 describes an improper check for unusual or exceptional conditions in Juniper Junos OS and Junos OS Evolved rpd, enabling an unauthenticated, network-based attacker to cause availability impact on downstream devices. When a device receives a specific optional transitive BGP attribut...
CVE-2026-57032
CVE-2026-57032 describes an improper handling of undefined parameters in the packet forwarding engine (pfe) of Juniper Networks Junos OS on EX Series devices. When attempting to subscribe to an unsupported telemetry sensor path on EX2300, EX3400, EX4000, EX4100, and EX4400 via gRPC, the Front Pan...
CVE-2025-59980
Summary of CVE-2025-59980 : Juniper Networks Junos OS FTP server contains an authentication bypass. When the FTP server is enabled and a user named “ftp” or “anonymous” exists, an unauthenticated attacker can log in without a password and gain read/write access to the user’s home directory. Affec...
CVE-2025-60007
The CVE-2025-60007 entry describes a NULL pointer dereference in Juniper Networks Junos OS chassisd (chassis daemon) on MX, SRX, and EX Series. A local attacker with low privileges can crash chassisd by issuing a crafted show chassis command, causing the affected components (except the Routing En...
CVE-2025-60010
CVE-2025-60010 affects Juniper Junos OS and Junos OS Evolved. A password-aging flaw in the RADIUS client lets an authenticated, network-based attacker log in without enforcing a required password change, using an expired but correct password. Affected versions include: Junos OS pre-22.4R3-S8, 23....
CVE-2026-33776
CVE-2026-33776 affects Juniper Networks Junos OS and Junos OS Evolved. A Missing Authorization flaw in the CLI allows a local, low-privilege user to read sensitive information by executing the command 'show mgd' with specific arguments. Affected Junos OS versions include all before 22.4R3-S8, 23....
CVE-2025-59961
CVE-2025-59961 describes an Incorrect Permission Assignment vulnerability in Juniper’s DHCP daemon (jdhcpd) used by Junos OS and Junos OS Evolved. A local, low-privilege user can write to the Unix socket that manages jdhcpd, enabling administrative control over the DHCP service. Affected products...
CVE-2026-21903
CVE-2026-21903 is a stack-based buffer overflow in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS. A network-based attacker with low privileges can trigger a Denial-of-Service by subscribing to telemetry sensors at scale, which causes all FPC connections to drop, an FPC crash, an...
CVE-2026-57054
CVE-2026-57054 describes a Use of Incorrectly-Resolved Name or Reference vulnerability in the URL filtering plugin of Juniper Networks Junos OS on MX Series. The issue allows an unauthenticated, network-based attacker to bypass web filtering and access downstream resources that should be unreacha...
CVE-2026-57025
CVE-2026-57025 affects Juniper Junos OS and Junos OS Evolved. The vulnerability is a Return of Pointer Value Outside of Expected Range in the fileio library that enables a local, low-privileged attacker to trigger a Denial-of-Service. On EX Series, QFX Series and MX Series, issuing a specific 'sh...
CVE-2026-33788
CVE-2026-33788 affects Juniper Networks Junos OS Evolved on PTX Series (PTX10004/PTX10008/PTX100016 with JNP10K-LC1201/1202). The issue is a Missing Authentication for Critical Function in Flexible PIC Concentrators (FPCs) that allows a local, authenticated, low-privilege user to gain direct acce...
CVE-2026-57022
CVE-2026-57022 affects Junos OS on MX Series with SPC3, SRX Series (including vSRX). The vulnerability stems from an improper check for unusual or exceptional conditions in the Packet Forwarding Engine (PFE). A unauthenticated, network-based attacker can trigger a PFE crash by a TCP connection to...
CVE-2026-57019
CVE-2026-57019 affects Junos OS on MX Series. An issue in the Packet Forwarding Engine (pfe) due to improper validation of a specified quantity in input can allow an unauthenticated adjacent attacker to cause a Denial-of-Service by triggering an FPC major error and a reset, impacting traffic unti...
CVE-2026-57020
CVE-2026-57020 affects Junos OS on Juniper’s QFX10000 Series. The issue arises in the packet forwarding engine (pfe) where an unauthenticated, adjacent attacker can trigger a DoS by sending IPv6 multicast traffic in an EVPN-VxLAN setup; if these packets reach the spine’s non-IRB interface, they f...