Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Juniper Networks — Vulnerabilities & Security Advisories 893

Browse all 893 CVE security advisories affecting Juniper Networks. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Juniper Networks operates as a global provider of networking hardware, software, and services, primarily focusing on enterprise and service provider infrastructure. With 893 recorded Common Vulnerabilities and Exposures, the company’s attack surface reflects the complexity of its extensive product portfolio. Historically, vulnerabilities in its systems have frequently involved remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from input validation errors or improper access controls in management interfaces. Notable incidents include critical flaws in ScreenOS and Junos OS that allowed attackers to bypass authentication or execute arbitrary commands, highlighting risks in legacy and core routing platforms. These issues underscore the necessity for rigorous patch management and secure configuration practices. As a foundational element of global internet infrastructure, the security posture of Juniper Networks directly impacts the stability and integrity of connected networks worldwide, necessitating continuous monitoring and proactive defense strategies.

Top products by Juniper Networks: Junos OS Junos OS Evolved Junos Space NorthStar Controller Application Juniper ATP ScreenOS Paragon Active Assurance Contrail Service Orchestration SRC Series MIST Cloud UI Junos Space Security Director Contrail JSI LWC Session Smart Router SBR Carrier Contrail Insights Apstra CTP OS JunosE Paragon Automation (Pathfinder, Planner, Insights) Security Director Policy Enforcer Juniper Security Director Junos OS on SRX Series Services Gateways chassis cluster Junos Paragon Active Assurance (Formerly Netrounds) Juniper Identity Management Service (JIMS) Junos OS with DHCPv6 enabled 128 Technology Session Smart Router CTPView Contrail Cloud
CVE IDTitleCVSSSeverityPublished
CVE-2026-21920 Junos OS: SRX Series: If a specific request is processed by the DNS subsystem flowd will crash — Junos OSCWE-252 7.5 High2026-01-15
CVE-2026-21918 Junos OS: SRX and MX Series: When TCP packets occur in a specific sequence flowd crashes — Junos OSCWE-415 7.5 High2026-01-15
CVE-2026-21917 Junos OS: SRX Series: Specifically malformed SSL packet causes FPC crash — Junos OSCWE-1286 7.5 High2026-01-15
CVE-2026-21914 Junos OS: SRX Series: A specifically malformed GTP message will cause an FPC crash — Junos OSCWE-667 7.5 High2026-01-15
CVE-2026-21913 Junos OS: EX4000: A high volume of traffic destined to the device leads to a crash and restart — Junos OSCWE-1419 7.5 High2026-01-15
CVE-2026-21912 Junos OS: MX10k Series: 'show system firmware' CLI command may lead to LC480 or LC2101 line card reset — Junos OSCWE-367 5.5 Medium2026-01-15
CVE-2026-21911 Junos OS Evolved: Flapping management interface causes MAC learning on label-switched interfaces to stop — Junos OS EvolvedCWE-682 6.5 Medium2026-01-15
CVE-2026-21910 Junos OS: EX4k Series, QFX5k Series: In an EVPN-VXLAN configuration link flaps cause Inter-VNI traffic drop — Junos OSCWE-754 6.5 Medium2026-01-15
CVE-2026-21909 Junos OS and Junos OS Evolved: Receipt of specific IS-IS update packet causes memory leak leading to RPD crash — Junos OSCWE-401 6.5 Medium2026-01-15
CVE-2026-21908 Junos OS and Junos OS Evolved: Use after free vulnerability In 802.1X authentication daemon can cause crash of the dot1xd process — Junos OSCWE-416 7.1 High2026-01-15
CVE-2026-21907 Junos Space: TLS/SSL server supports use of static key ciphers (ssl-static-key-ciphers) — Junos SpaceCWE-327 5.9 Medium2026-01-15
CVE-2026-21906 Junos OS: SRX Series: With GRE performance acceleration enabled, receipt of a specific ICMP packet causes the PFE to crash — Junos OSCWE-755 7.5 High2026-01-15
CVE-2026-21905 Junos OS: SRX Series, MX Series with MX-SPC3 or MS-MPC: Receipt of multiple specific SIP messages results in flow management process crash — Junos OSCWE-835 7.5 High2026-01-15
CVE-2026-21903 Junos OS: Subscribing to telemetry sensors at scale causes all FPCs to crash — Junos OSCWE-121 6.5 Medium2026-01-15
CVE-2026-0203 Junos OS: Receipt of a specifically malformed ICMP packet causes an FPC restart — Junos OSCWE-755 6.5 Medium2026-01-15
CVE-2025-60011 Junos OS and Junos OS Evolved: Optional transitive BGP attribute is modified before propagation to peers causing sessions to flap — Junos OSCWE-754 5.8 Medium2026-01-15
CVE-2025-60007 Junos OS: A specifically crafted 'show chassis' command causes chassisd to crash — Junos OSCWE-476 5.5 Medium2026-01-15
CVE-2025-60003 Junos OS and Junos OS Evolved: BGP update with a set of specific attributes causes rpd crash — Junos OSCWE-126 7.5 High2026-01-15
CVE-2025-59961 Junos OS and Junos OS Evolved: Unix socket used to control the jdhcpd process is world-writable — Junos OSCWE-732 5.5 Medium2026-01-15
CVE-2025-59960 Junos OS and Junos OS Evolved: DHCP Option 82 messages from clients being passed unmodified to the DHCP server — Junos OSCWE-754 7.4 High2026-01-15
CVE-2025-59959 Junos OS and Junos OS Evolved: Executing a specific show command leads to an rpd crash — Junos OSCWE-822 5.5 Medium2026-01-15
CVE-2025-52987 Paragon Automation: A clickjacking vulnerability in the web server configuration has been addressed — Paragon Automation (Pathfinder, Planner, Insights)CWE-1021 6.1 Medium2026-01-15
CVE-2025-60010 Junos OS and Junos OS Evolved: Device allows login for user with expired password — Junos OSCWE-262 5.4 Medium2025-10-09
CVE-2025-60009 Junos Space: CLI Configlet page is vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-60006 Junos OS Evolved: OS command injection vulnerabilities fixed — Junos OS EvolvedCWE-78 5.3 Medium2025-10-09
CVE-2025-60004 Junos OS and Junos OS Evolved: Specific BGP EVPN update message causes rpd crash — Junos OSCWE-754 7.5 High2025-10-09
CVE-2025-60002 Junos Space: Template Definitions page is vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-60001 Junos Space: Create Quick Template page is vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-60000 Junos Space: Generate Report page is vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09
CVE-2025-59999 Junos Space: API Access Profiles page is vulnerable to reflected cross-site script injection — Junos SpaceCWE-79 6.1 Medium2025-10-09

This page lists every published CVE security advisory associated with Juniper Networks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.