CVE-2026-21920— Junos OS: SRX Series: If a specific request is processed by the DNS subsystem flowd will crash
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-21920
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Junos OS: SRX Series: If a specific request is processed by the DNS subsystem flowd will crash
Source: NVD (National Vulnerability Database)
Vulnerability Description
An Unchecked Return Value vulnerability in the DNS module of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If an SRX Series device configured for DNS processing, receives a specifically formatted DNS request flowd will crash and restart, which causes a service interruption until the process has recovered. This issue affects Junos OS on SRX Series: * 23.4 versions before 23.4R2-S5, * 24.2 versions before 24.2R2-S1, * 24.4 versions before 24.4R2. This issue does not affect Junos OS versions before 23.4R1.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
未加检查的返回值
Source: NVD (National Vulnerability Database)
Vulnerability Title
Juniper Networks Junos OS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Juniper Networks Junos OS是美国瞻博网络(Juniper Networks)公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Juniper Networks Junos OS 23.4R2-S5之前版本、24.2R2-S1之前版本和24.4R2之前版本存在安全漏洞,该漏洞源于DNS模块存在未检查返回值,可能导致拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Juniper Networks | Junos OS | 23.4 ~ 23.4R2-S5 | - |
II. Public POCs for CVE-2026-21920
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-21920
请登录查看更多情报信息。
Same Patch Batch · Juniper Networks · 2026-01-15 · 23 CVEs total
| CVE-2026-21913 | 7.5 HIGH | Junos OS: EX4000: A high volume of traffic destined to the device leads to a crash and res |
| CVE-2026-21918 | 7.5 HIGH | Junos OS: SRX and MX Series: When TCP packets occur in a specific sequence flowd crashes |
| CVE-2025-60003 | 7.5 HIGH | Junos OS and Junos OS Evolved: BGP update with a set of specific attributes causes rpd cra |
| CVE-2026-21917 | 7.5 HIGH | Junos OS: SRX Series: Specifically malformed SSL packet causes FPC crash |
| CVE-2026-21914 | 7.5 HIGH | Junos OS: SRX Series: A specifically malformed GTP message will cause an FPC crash |
| CVE-2026-21905 | 7.5 HIGH | Junos OS: SRX Series, MX Series with MX-SPC3 or MS-MPC: Receipt of multiple specific SIP m |
| CVE-2026-21906 | 7.5 HIGH | Junos OS: SRX Series: With GRE performance acceleration enabled, receipt of a specific ICM |
| CVE-2025-59960 | 7.4 HIGH | Junos OS and Junos OS Evolved: DHCP Option 82 messages from clients being passed unmodifie |
| CVE-2026-21908 | 7.1 HIGH | Junos OS and Junos OS Evolved: Use after free vulnerability In 802.1X authentication daemo |
| CVE-2026-21903 | 6.5 MEDIUM | Junos OS: Subscribing to telemetry sensors at scale causes all FPCs to crash |
| CVE-2026-21911 | 6.5 MEDIUM | Junos OS Evolved: Flapping management interface causes MAC learning on label-switched inte |
| CVE-2026-21910 | 6.5 MEDIUM | Junos OS: EX4k Series, QFX5k Series: In an EVPN-VXLAN configuration link flaps cause Inter |
| CVE-2026-21909 | 6.5 MEDIUM | Junos OS and Junos OS Evolved: Receipt of specific IS-IS update packet causes memory leak |
| CVE-2026-0203 | 6.5 MEDIUM | Junos OS: Receipt of a specifically malformed ICMP packet causes an FPC restart |
| CVE-2026-21921 | 6.5 MEDIUM | Junos OS and Junos OS Evolved: When telemetry collectors are frequently subscribing and un |
| CVE-2025-52987 | 6.1 MEDIUM | Paragon Automation: A clickjacking vulnerability in the web server configuration has been |
| CVE-2026-21907 | 5.9 MEDIUM | Junos Space: TLS/SSL server supports use of static key ciphers (ssl-static-key-ciphers) |
| CVE-2025-60011 | 5.8 MEDIUM | Junos OS and Junos OS Evolved: Optional transitive BGP attribute is modified before propag |
| CVE-2026-21912 | 5.5 MEDIUM | Junos OS: MX10k Series: 'show system firmware' CLI command may lead to LC480 or LC2101 lin |
| CVE-2025-60007 | 5.5 MEDIUM | Junos OS: A specifically crafted 'show chassis' command causes chassisd to crash |
Showing top 20 of 23 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Junos OS
- CVE-2026-33791
Junos OS and Junos OS Evolved: Execution of crafted CLI comm - CVE-2026-33790
Junos OS: SRX Series: In a NAT64 configuration, receipt of a - CVE-2026-33787
Junos OS: SRX1500, SRX4100, SRX4200, SRX4600: When a specifi - CVE-2026-33785
Junos OS: MX Series: Missing Authorization for specific 'req - CVE-2026-33781
Junos OS: EX Series, QFX Series: In a VXLAN scenario when sp
Same vendor: Juniper Networks
- CVE-2026-33791
Junos OS and Junos OS Evolved: Execution of crafted CLI comm - CVE-2026-33790
Junos OS: SRX Series: In a NAT64 configuration, receipt of a - CVE-2026-33787
Junos OS: SRX1500, SRX4100, SRX4200, SRX4600: When a specifi - CVE-2026-33785
Junos OS: MX Series: Missing Authorization for specific 'req - CVE-2026-33784
JSI Virtual Lightweight Collector: Default password is not r
Same weakness: CWE-252
- CVE-2026-34065
nimiq-primitives: Node crash due to missing interlink valida - CVE-2026-35344
uutils coreutils dd Silent Data Corruption via Unconditional - CVE-2026-35468
nimiq/core-rs-albatross: Panic in history index request hand - CVE-2026-31830
sigstore-ruby verifier returns success for DSSE bundles with - CVE-2026-28691
ImageMagick has an uninitialized pointer dereference in JBIG
V. Comments for CVE-2026-21920
No comments yet