Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Juniper Networks — Vulnerabilities & Security Advisories 893

Browse all 893 CVE security advisories affecting Juniper Networks. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Juniper Networks operates as a global provider of networking hardware, software, and services, primarily focusing on enterprise and service provider infrastructure. With 893 recorded Common Vulnerabilities and Exposures, the company’s attack surface reflects the complexity of its extensive product portfolio. Historically, vulnerabilities in its systems have frequently involved remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from input validation errors or improper access controls in management interfaces. Notable incidents include critical flaws in ScreenOS and Junos OS that allowed attackers to bypass authentication or execute arbitrary commands, highlighting risks in legacy and core routing platforms. These issues underscore the necessity for rigorous patch management and secure configuration practices. As a foundational element of global internet infrastructure, the security posture of Juniper Networks directly impacts the stability and integrity of connected networks worldwide, necessitating continuous monitoring and proactive defense strategies.

Top products by Juniper Networks: Junos OS Junos OS Evolved Junos Space NorthStar Controller Application Juniper ATP ScreenOS Paragon Active Assurance Contrail Service Orchestration SRC Series MIST Cloud UI Junos Space Security Director Contrail JSI LWC Session Smart Router SBR Carrier Contrail Insights Apstra CTP OS JunosE Paragon Automation (Pathfinder, Planner, Insights) Security Director Policy Enforcer Juniper Security Director Junos OS on SRX Series Services Gateways chassis cluster Junos Paragon Active Assurance (Formerly Netrounds) Juniper Identity Management Service (JIMS) Junos OS with DHCPv6 enabled 128 Technology Session Smart Router CTPView Contrail Cloud
CVE IDTitleCVSSSeverityPublished
CVE-2026-33791 Junos OS and Junos OS Evolved: Execution of crafted CLI commands allows for arbitrary shell injection as root — Junos OSCWE-78 6.7 Medium2026-04-09
CVE-2026-33790 Junos OS: SRX Series: In a NAT64 configuration, receipt of a specific, malformed ICMPv6 packet will cause the srxpfe process to crash and restart. — Junos OSCWE-754 7.5 High2026-04-09
CVE-2026-33787 Junos OS: SRX1500, SRX4100, SRX4200, SRX4600: When a specific show command is executed chassisd crashes — Junos OSCWE-754 5.5 Medium2026-04-09
CVE-2026-33785 Junos OS: MX Series: Missing Authorization for specific 'request' CLI commands in a JDM/CSDS scenario — Junos OSCWE-862 8.8 High2026-04-09
CVE-2026-33784 JSI Virtual Lightweight Collector: Default password is not required to be changed which allows unauthorized high-privileged access — JSI LWCCWE-1393 9.8 Critical2026-04-09
CVE-2026-33783 Junos OS Evolved: PTX Series: If SRTE tunnels provisioned via PCEP are present and specific gRPC queries are received evo-aftmand crashes — Junos OS EvolvedCWE-686 6.5 Medium2026-04-09
CVE-2026-33781 Junos OS: EX Series, QFX Series: In a VXLAN scenario when specific control protocol packets are received, memory leaks and eventually no traffic is passed — Junos OSCWE-754 6.5 Medium2026-04-09
CVE-2026-33778 Junos OS: SRX Series, MX Series: When a specifically malformed first ISAKMP packet is received kmd/iked crashes — Junos OSCWE-1286 7.5 High2026-04-09
CVE-2026-33776 Junos OS and Junos OS Evolved: Specific low privileged CLI command exposes sensitive information — Junos OSCWE-862 5.5 Medium2026-04-09
CVE-2026-33774 Junos OS: MX Series: Firewall filters on lo0.<non-0> in the default routing instance are not in effect — Junos OSCWE-754 6.5 Medium2026-04-09
CVE-2026-33771 CTP OS: Configuring password requirements does not work which permits the use of weak passwords — CTP OSCWE-521 7.4 High2026-04-09
CVE-2025-13914 Apstra: SSH host key validation vulnerability for managed devices — ApstraCWE-322 8.7 High2026-04-09
CVE-2026-33797 Junos OS and Junos OS Evolved: An attacker sending a specific genuine BGP packet causes a BGP reset — Junos OSCWE-20 7.4 High2026-04-09
CVE-2026-33779 Junos OS: SRX Series: Insufficient certificate verification for device to SD cloud communication — Junos OSCWE-296 6.5 Medium2026-04-09
CVE-2026-33775 Junos OS: MX Series: Mismatch between configured and received packet types causes memory leak in bbe-smgd — Junos OSCWE-401 6.5 Medium2026-04-09
CVE-2026-33782 Junos OS: MX Series: In specific DHCPv6 scenarios jdhcpd memory increases continuously with subscriber logouts — Junos OSCWE-401 6.5 Medium2026-04-09
CVE-2026-33780 Junos OS and Junos OS Evolved: In an EVPN-MPLS scenario churn of ESI routes causes a memory leak in l2ald — Junos OSCWE-401 6.5 Medium2026-04-09
CVE-2026-33773 Junos OS: EX Series, QFX Series: If the same egress filter is configured on both an IRB and a physical interface one of those is not applied — Junos OSCWE-1419 5.8 Medium2026-04-09
CVE-2026-33786 Junos OS: SRX1600, SRX2300, SRX4300: When a specific show command is executed chassisd crashes — Junos OSCWE-754 5.5 Medium2026-04-09
CVE-2026-21916 Junos OS: A low privileged user can escalate their privileges so that they can login as root — Junos OSCWE-61 7.3 High2026-04-09
CVE-2026-33788 Junos OS Evolved: Local, authenticated attacker can gain privileged access to FPCs — Junos OS EvolvedCWE-306 7.8 High2026-04-09
CVE-2026-21919 Junos OS and Junos OS Evolved: A high frequency of connecting and disconnecting NETCONF sessions causes management unavailability — Junos OSCWE-821 6.5 Medium2026-04-09
CVE-2026-21915 JSI Virtual Lightweight Collector: Shell escape allows privilege escalation to root — JSI LWCCWE-183 6.7 Medium2026-04-09
CVE-2026-21904 Junos Space: ilpFilter field on nLegacy.jsp is vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2026-04-09
CVE-2025-59969 Junos OS Evolved: QFX5000 Series and PTX Series: An attacker sending crafted multicast packets will cause evo-aftmand / evo-pfemand to crash and restart — Junos OS EvolvedCWE-120 6.5 Medium2026-04-09
CVE-2026-33793 Junos OS and Junos OS Evolved: When an unsigned Python op script configuration is present, a local low privileged user can compromise the system — Junos OSCWE-250 7.8 High2026-04-09
CVE-2025-30650 Junos OS: Privileged local user can gain access to a Linux-based FPC as root — Junos OSCWE-306 6.7 Medium2026-04-08
CVE-2026-21902 Junos OS Evolved: PTX Series: A vulnerability allows a unauthenticated, network-based attacker to execute code as root — Junos OS EvolvedCWE-732 9.8 Critical2026-02-25
CVE-2025-21589 Session Smart Router, Session Smart Conductor, WAN Assurance Router: API Authentication Bypass vulnerability — Session Smart RouterCWE-288 9.8 Critical2026-01-27
CVE-2026-21921 Junos OS and Junos OS Evolved: When telemetry collectors are frequently subscribing and unsubscribing to sensors chassisd or rpd will crash — Junos OSCWE-416 6.5 Medium2026-01-15

This page lists every published CVE security advisory associated with Juniper Networks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.