CVE-2026-33781— Junos OS: EX Series, QFX Series: In a VXLAN scenario when specific control protocol packets are received, memory leaks and eventually no traffic is passed

CVSS 6.5 · Medium EPSS 0.02% · P7 Updated Apr 11, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-33781

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Junos OS: EX Series, QFX Series: In a VXLAN scenario when specific control protocol packets are received, memory leaks and eventually no traffic is passed

Source: NVD (National Vulnerability Database)

Vulnerability Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX and QFX Series devices allow an unauthenticated, adjacent attacker to cause a complete Denial of Service (DoS). On EX4k, and QFX5k platforms configured as service-provider edge devices, if L2PT is enabled on the UNI and VSTP is enabled on NNI in VXLAN scenarios, receiving VSTP BPDUs on UNI leads to packet buffer allocation failures, resulting in the device to not pass traffic anymore until it is manually recovered with a restart.This issue affects Junos OS: * 24.4 releases before 24.4R2, * 25.2 releases before 25.2R1-S1, 25.2R2. This issue does not affect Junos OS releases before 24.4R1.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

对因果或异常条件的不恰当检查

Source: NVD (National Vulnerability Database)

Vulnerability Title

Juniper Networks Junos OS EX/QFX 代码问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Juniper Networks Junos OS EX/QFX是美国瞻博网络（Juniper Networks）公司的一款交换机。该产品为接入交换机的任意两个网络节点提供独享的电信号通路。 Juniper Networks Junos OS EX/QFX 24.4R2之前版本和25.2R1-S1及25.2R2之前版本存在代码问题漏洞，该漏洞源于对异常或特殊情况检查不当，可能导致拒绝服务攻击。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Juniper Networks	Junos OS	24.4 ~ 24.4R2	-

II. Public POCs for CVE-2026-33781

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-33781

请登录查看更多情报信息。

Same Patch Batch · Juniper Networks · 2026-04-09 · 26 CVEs total

CVE-2026-33784	9.8 CRITICAL	JSI Virtual Lightweight Collector: Default password is not required to be changed which al
CVE-2026-33785	8.8 HIGH	Junos OS: MX Series: Missing Authorization for specific 'request' CLI commands in a JDM/CS
CVE-2025-13914	8.7 HIGH	Apstra: SSH host key validation vulnerability for managed devices
CVE-2026-33793	7.8 HIGH	Junos OS and Junos OS Evolved: When an unsigned Python op script configuration is present,
CVE-2026-33788	7.8 HIGH	Junos OS Evolved: Local, authenticated attacker can gain privileged access to FPCs
CVE-2026-33790	7.5 HIGH	Junos OS: SRX Series: In a NAT64 configuration, receipt of a specific, malformed ICMPv6 pa
CVE-2026-33778	7.5 HIGH	Junos OS: SRX Series, MX Series: When a specifically malformed first ISAKMP packet is rece
CVE-2026-33771	7.4 HIGH	CTP OS: Configuring password requirements does not work which permits the use of weak pass
CVE-2026-33797	7.4 HIGH	Junos OS and Junos OS Evolved: An attacker sending a specific genuine BGP packet causes a
CVE-2026-21916	7.3 HIGH	Junos OS: A low privileged user can escalate their privileges so that they can login as ro
CVE-2026-33791	6.7 MEDIUM	Junos OS and Junos OS Evolved: Execution of crafted CLI commands allows for arbitrary shel
CVE-2026-21915	6.7 MEDIUM	JSI Virtual Lightweight Collector: Shell escape allows privilege escalation to root
CVE-2026-33780	6.5 MEDIUM	Junos OS and Junos OS Evolved: In an EVPN-MPLS scenario churn of ESI routes causes a memor
CVE-2025-59969	6.5 MEDIUM	Junos OS Evolved: QFX5000 Series and PTX Series: An attacker sending crafted multicast pac
CVE-2026-21919	6.5 MEDIUM	Junos OS and Junos OS Evolved: A high frequency of connecting and disconnecting NETCONF se
CVE-2026-33782	6.5 MEDIUM	Junos OS: MX Series: In specific DHCPv6 scenarios jdhcpd memory increases continuously wit
CVE-2026-33775	6.5 MEDIUM	Junos OS: MX Series: Mismatch between configured and received packet types causes memory l
CVE-2026-33779	6.5 MEDIUM	Junos OS: SRX Series: Insufficient certificate verification for device to SD cloud communi
CVE-2026-33783	6.5 MEDIUM	Junos OS Evolved: PTX Series: If SRTE tunnels provisioned via PCEP are present and specifi
CVE-2026-33774	6.5 MEDIUM	Junos OS: MX Series: Firewall filters on lo0.<non-0> in the default routing instance are n

Showing top 20 of 26 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Junos OS

Same vendor: Juniper Networks

Same weakness: CWE-754

V. Comments for CVE-2026-33781

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-33781— Junos OS: EX Series, QFX Series: In a VXLAN scenario when specific control protocol packets are received, memory leaks and eventually no traffic is passed

I. Basic Information for CVE-2026-33781

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-33781

III. Intelligence Information for CVE-2026-33781

Same Patch Batch · Juniper Networks · 2026-04-09 · 26 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-33781

Leave a comment