NCSC-2026-0224

Vulnerability from csaf_ncscnl - Published: 2026-07-13 05:24 - Updated: 2026-07-13 05:24
Summary
Kwetsbaarheden verholpen in Juniper Networks Junos OS en Junos OS Evolved
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Juniper heeft meerdere kwetsbaarheden verholpen in Junos OS en Junos OS Evolved, specifiek voor MX Series, PTX Series, QFX Series, EX Series, SRX Series en QFX10000 Series apparaten.
Interpretaties: De kwetsbaarheden betreffen verschillende componenten binnen Junos OS en Junos OS Evolved, waaronder de packet forwarding engine, routing protocol daemon, management daemon, SNMP daemon, http-gatekeeper, TCP proxy plugin, IKE daemon, fileio library, SIP plugin, URL filtering plugin en CLI. Exploitatie kan leiden tot geheugenbeschadiging, crashes van processen zoals mgd, rpd, flow processing daemon, l2ald, en FPC, wat resulteert in Denial-of-Service (DoS) condities. Sommige kwetsbaarheden kunnen door lokale gebruikers met beperkte rechten worden misbruikt om code uit te voeren of processen te laten crashen. Andere kwetsbaarheden kunnen door niet-geauthenticeerde aanvallers via netwerkverkeer worden misbruikt om processen te laten crashen, informatie te lekken, licentie-uitputting te veroorzaken of firewallregels te omzeilen. Specifieke hardwaremodellen en softwareversies zijn getroffen, zoals MX Series met SPC3, SRX Series, EX Series (EX2300, EX4000, EX4100, EX4400), QFX Series, PTX Series en QFX10000 Series. Sommige kwetsbaarheden vereisen handmatige herstart van systemen of processen om normale werking te herstellen. De problemen zijn aanwezig in versies voorafgaand aan de gepubliceerde patches en updates.
Oplossingen: Juniper heeft updates uitgebracht om de kwetsbaarheden in Junos OS en Junos OS Evolved te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-236: Improper Handling of Undefined Parameters
CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-401: Missing Release of Memory after Effective Lifetime
CWE-466: Return of Pointer Value Outside of Expected Range
CWE-476: NULL Pointer Dereference
CWE-606: Unchecked Input for Loop Condition
CWE-694: Use of Multiple Resources with Duplicate Identifier
CWE-706: Use of Incorrectly-Resolved Name or Reference
CWE-754: Improper Check for Unusual or Exceptional Conditions
CWE-787: Out-of-bounds Write
CWE-820: Missing Synchronization
CWE-862: Missing Authorization
CWE-923: Improper Restriction of Communication Channel to Intended Endpoints
CWE-1284: Improper Validation of Specified Quantity in Input
CWE-1286: Improper Validation of Syntactic Correctness of Input

Heap buffer overflow vulnerabilities in libfetch affecting FreeBSD versions prior to patches in 12.1, 12.0, and 11.3, as well as Juniper Networks Junos OS Evolved, arise from improper URL handling with username and/or password components, enabling potential code execution.

Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS and Junos OS Evolved management daemon allows a local high-privileged attacker to cause a Denial of Service by manipulating a specific SSH configuration parameter, leading to mgd process crashes and restarts.

CWE-476 - NULL Pointer Dereference
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

A vulnerability in Juniper Networks Junos OS Evolved on PTX Series allows unauthenticated attackers to cause a Denial-of-Service by crashing the evo-aftmand process through malformed unilist ECMP routing updates, requiring manual system recovery.

CWE-754 - Improper Check for Unusual or Exceptional Conditions
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

An Out-of-bounds Write vulnerability in the SNMP daemon of Juniper Networks Junos OS and Junos OS Evolved causes memory leaks and process crashes triggered by authenticated SNMPv3 queries.

CWE-787 - Out-of-bounds Write
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

An unchecked input vulnerability in Juniper Networks Junos OS on MX Series allows unauthenticated adjacent attackers to cause Denial-of-Service by triggering Micro-BFD session flaps that overload event processing, leading to FPC crashes and service outages.

CWE-606 - Unchecked Input for Loop Condition
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

A vulnerability in Juniper Networks Junos OS and Junos OS Evolved routing protocol daemon allows unauthenticated attackers to cause a Denial-of-Service by sending malformed BGP updates, triggering RPD crashes and service outages in versions 25.2 before 25.2R2.

CWE-754 - Improper Check for Unusual or Exceptional Conditions
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

A Missing Authorization vulnerability in Juniper Networks Junos OS on EX Series switches allows a local, authenticated attacker without special permissions to execute privileged CLI commands causing Denial-of-Service (DoS).

CWE-862 - Missing Authorization
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

A vulnerability in Juniper Networks Junos OS Evolved allows unauthenticated network attackers to access an internal process via an open port, resulting in limited information disclosure and increased CPU usage.

CWE-923 - Improper Restriction of Communication Channel to Intended Endpoints
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

A vulnerability in Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial-of-Service by triggering incorrect packet size calculation and FPC reset, affecting MAP-T and non-IP encapsulated traffic.

CWE-1284 - Improper Validation of Specified Quantity in Input
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

A vulnerability in Juniper Networks Junos OS on QFX10000 Series allows unauthenticated adjacent attackers to cause Denial-of-Service by flooding IPv6 multicast traffic in EVPN-VxLAN environments, affecting versions prior to specific 23.x and 24.x patches.

CWE-754 - Improper Check for Unusual or Exceptional Conditions
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

An Out-of-bounds Write vulnerability in the http-gatekeeper of Juniper SRX Series devices with remote-access VPN pre-logon compliance check allows unauthenticated attackers to cause Denial-of-Service by crashing the http-gk process, disrupting web-management and firewall authentication services.

CWE-787 - Out-of-bounds Write
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

A Denial-of-Service vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS on MX with SPC3 and SRX Series allows an unauthenticated attacker to cause a crash and restart via a crafted TCP packet, impacting multiple services.

CWE-754 - Improper Check for Unusual or Exceptional Conditions
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

A vulnerability in the TCP proxy plugin of Juniper Networks Junos OS on MX Series with SPC3 and SRX Series allows an unauthenticated attacker to cause a Denial of Service by sending malformed TCP packets that crash and restart the flow processing daemon.

CWE-1284 - Improper Validation of Specified Quantity in Input
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

A vulnerability in the IKE daemon (iked) of Juniper Networks Junos OS on MX with SPC3 and SRX Series causes a Denial-of-Service by crashing the iked process during numerous failed VPN negotiations, requiring a system reboot to restore service.

CWE-694 - Use of Multiple Resources with Duplicate Identifier
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

A local low-privileged attacker can cause a Denial-of-Service by crashing the l2ald process on Juniper Networks Junos OS and Junos OS Evolved EX, QFX, and MX Series devices using a crafted 'show l2-learning' command, disrupting layer 2 services until restart.

CWE-466 - Return of Pointer Value Outside of Expected Range
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

A vulnerability in the SIP plugin of Juniper Networks Junos OS on MX Series with SPC3 and SRX Series allows an unauthenticated attacker to cause a Denial-of-Service by crashing the flow processing daemon when SIP ALG processes a malformed SIP invite packet.

CWE-1286 - Improper Validation of Syntactic Correctness of Input
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

A memory leak vulnerability in Juniper Junos OS on EX4100 and EX4400 Series devices, triggered by sFlow multicast configuration in a Virtual Chassis setup, can cause FPC crashes and Denial-of-Service by an unauthenticated adjacent attacker.

CWE-401 - Missing Release of Memory after Effective Lifetime
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

A vulnerability in Juniper Networks Junos OS Evolved before version 23.2R2-EVO allows unauthenticated attackers to cause license exhaustion by exploiting an improperly initialized process accessible via an open network port.

CWE-923 - Improper Restriction of Communication Channel to Intended Endpoints
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

A Missing Synchronization vulnerability in Juniper Networks Junos OS Evolved on QFX Series allows an adjacent, unauthenticated attacker to cause a Denial-of-Service by crashing the evo-pfemand process during simultaneous sFlow collector reachability changes and next-hop data access.

CWE-820 - Missing Synchronization
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

A race condition vulnerability in Juniper Junos OS on SRX Series causes excessive flow timeouts, leading to an accumulation of invalidated sessions that can result in denial-of-service or system reboot.

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

A vulnerability in Juniper Networks Junos OS on MX Series hardware allows adjacent subscribers on static interfaces to bypass ingress firewall filters, disabling protocol and bandwidth enforcement across multiple Junos OS versions from 23.2 to 25.2.

CWE-754 - Improper Check for Unusual or Exceptional Conditions
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

A vulnerability in Juniper Networks Junos OS on EX Series devices allows authenticated low-privilege attackers to cause Denial-of-Service by subscribing to unsupported telemetry sensor paths via gRPC, leading to FPC crashes and service outages.

CWE-236 - Improper Handling of Undefined Parameters
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*

A vulnerability in the URL filtering plugin of Juniper Networks Junos OS on MX Series allows unauthenticated attackers to bypass web filtering and access restricted downstream resources via specially crafted URL requests.

CWE-706 - Use of Incorrectly-Resolved Name or Reference
Affected products
Product Identifier Version Remediation
vers:unknown/*
Juniper Networks / Junos OS
vers:unknown/*
vers:unknown/*
Juniper Networks / Junos OS Evolved
vers:unknown/*
References
URL Category
https://supportportal.juniper.net/JSA110072 external
https://supportportal.juniper.net/JSA110073 external
https://supportportal.juniper.net/JSA110074 external
https://supportportal.juniper.net/JSA110075 external
https://supportportal.juniper.net/JSA110076 external
https://supportportal.juniper.net/JSA110077 external
https://supportportal.juniper.net/JSA110078 external
https://supportportal.juniper.net/JSA110079 external
https://supportportal.juniper.net/JSA110080 external
https://supportportal.juniper.net/JSA110081 external
https://supportportal.juniper.net/JSA110082 external
https://supportportal.juniper.net/JSA110083 external
https://supportportal.juniper.net/JSA110084 external
https://supportportal.juniper.net/JSA110085 external
https://supportportal.juniper.net/JSA110086 external
https://supportportal.juniper.net/JSA110087 external
https://supportportal.juniper.net/JSA110088 external
https://supportportal.juniper.net/JSA110089 external
https://supportportal.juniper.net/JSA110090 external
https://supportportal.juniper.net/JSA110091 external
https://supportportal.juniper.net/JSA110092 external
https://supportportal.juniper.net/JSA110093 external
https://vulnerabilities.ncsc.nl/csaf/v2/2020/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… self

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Juniper heeft meerdere kwetsbaarheden verholpen in Junos OS en Junos OS Evolved, specifiek voor MX Series, PTX Series, QFX Series, EX Series, SRX Series en QFX10000 Series apparaten.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden betreffen verschillende componenten binnen Junos OS en Junos OS Evolved, waaronder de packet forwarding engine, routing protocol daemon, management daemon, SNMP daemon, http-gatekeeper, TCP proxy plugin, IKE daemon, fileio library, SIP plugin, URL filtering plugin en CLI. Exploitatie kan leiden tot geheugenbeschadiging, crashes van processen zoals mgd, rpd, flow processing daemon, l2ald, en FPC, wat resulteert in Denial-of-Service (DoS) condities. Sommige kwetsbaarheden kunnen door lokale gebruikers met beperkte rechten worden misbruikt om code uit te voeren of processen te laten crashen. Andere kwetsbaarheden kunnen door niet-geauthenticeerde aanvallers via netwerkverkeer worden misbruikt om processen te laten crashen, informatie te lekken, licentie-uitputting te veroorzaken of firewallregels te omzeilen. Specifieke hardwaremodellen en softwareversies zijn getroffen, zoals MX Series met SPC3, SRX Series, EX Series (EX2300, EX4000, EX4100, EX4400), QFX Series, PTX Series en QFX10000 Series. Sommige kwetsbaarheden vereisen handmatige herstart van systemen of processen om normale werking te herstellen. De problemen zijn aanwezig in versies voorafgaand aan de gepubliceerde patches en updates.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Juniper heeft updates uitgebracht om de kwetsbaarheden in Junos OS en Junos OS Evolved te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Handling of Undefined Parameters",
        "title": "CWE-236"
      },
      {
        "category": "general",
        "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
        "title": "CWE-362"
      },
      {
        "category": "general",
        "text": "Missing Release of Memory after Effective Lifetime",
        "title": "CWE-401"
      },
      {
        "category": "general",
        "text": "Return of Pointer Value Outside of Expected Range",
        "title": "CWE-466"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Unchecked Input for Loop Condition",
        "title": "CWE-606"
      },
      {
        "category": "general",
        "text": "Use of Multiple Resources with Duplicate Identifier",
        "title": "CWE-694"
      },
      {
        "category": "general",
        "text": "Use of Incorrectly-Resolved Name or Reference",
        "title": "CWE-706"
      },
      {
        "category": "general",
        "text": "Improper Check for Unusual or Exceptional Conditions",
        "title": "CWE-754"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Missing Synchronization",
        "title": "CWE-820"
      },
      {
        "category": "general",
        "text": "Missing Authorization",
        "title": "CWE-862"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Communication Channel to Intended Endpoints",
        "title": "CWE-923"
      },
      {
        "category": "general",
        "text": "Improper Validation of Specified Quantity in Input",
        "title": "CWE-1284"
      },
      {
        "category": "general",
        "text": "Improper Validation of Syntactic Correctness of Input",
        "title": "CWE-1286"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110072"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110073"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110074"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110075"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110076"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110077"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110078"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110079"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110080"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110081"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110082"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110083"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110084"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110085"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110086"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110087"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110088"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110089"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110090"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110091"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110092"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/JSA110093"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Juniper Networks Junos OS en Junos OS Evolved",
    "tracking": {
      "current_release_date": "2026-07-13T05:24:43.174567Z",
      "generator": {
        "date": "2025-08-04T16:30:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.3"
        }
      },
      "id": "NCSC-2026-0224",
      "initial_release_date": "2026-07-13T05:24:43.174567Z",
      "revision_history": [
        {
          "date": "2026-07-13T05:24:43.174567Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1"
                }
              }
            ],
            "category": "product_name",
            "name": "Junos OS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-2"
                }
              }
            ],
            "category": "product_name",
            "name": "Junos OS Evolved"
          }
        ],
        "category": "vendor",
        "name": "Juniper Networks"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-7450",
      "notes": [
        {
          "category": "description",
          "text": "Heap buffer overflow vulnerabilities in libfetch affecting FreeBSD versions prior to patches in 12.1, 12.0, and 11.3, as well as Juniper Networks Junos OS Evolved, arise from improper URL handling with username and/or password components, enabling potential code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-7450 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2020/cve-2020-7450.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2020-7450"
    },
    {
      "cve": "CVE-2026-21901",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        },
        {
          "category": "description",
          "text": "A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS and Junos OS Evolved management daemon allows a local high-privileged attacker to cause a Denial of Service by manipulating a specific SSH configuration parameter, leading to mgd process crashes and restarts.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/V:D/RE:M/U:Green",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21901 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21901.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-21901"
    },
    {
      "cve": "CVE-2026-33794",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Check for Unusual or Exceptional Conditions",
          "title": "CWE-754"
        },
        {
          "category": "description",
          "text": "A vulnerability in Juniper Networks Junos OS Evolved on PTX Series allows unauthenticated attackers to cause a Denial-of-Service by crashing the evo-aftmand process through malformed unilist ECMP routing updates, requiring manual system recovery.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:U/V:C/RE:M/U:Green",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-33794 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-33794.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-33794"
    },
    {
      "cve": "CVE-2026-33799",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "An Out-of-bounds Write vulnerability in the SNMP daemon of Juniper Networks Junos OS and Junos OS Evolved causes memory leaks and process crashes triggered by authenticated SNMPv3 queries.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/V:C/RE:M/U:Green",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-33799 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-33799.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-33799"
    },
    {
      "cve": "CVE-2026-33800",
      "cwe": {
        "id": "CWE-606",
        "name": "Unchecked Input for Loop Condition"
      },
      "notes": [
        {
          "category": "other",
          "text": "Unchecked Input for Loop Condition",
          "title": "CWE-606"
        },
        {
          "category": "description",
          "text": "An unchecked input vulnerability in Juniper Networks Junos OS on MX Series allows unauthenticated adjacent attackers to cause Denial-of-Service by triggering Micro-BFD session flaps that overload event processing, leading to FPC crashes and service outages.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-33800 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-33800.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-33800"
    },
    {
      "cve": "CVE-2026-33801",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Check for Unusual or Exceptional Conditions",
          "title": "CWE-754"
        },
        {
          "category": "description",
          "text": "A vulnerability in Juniper Networks Junos OS and Junos OS Evolved routing protocol daemon allows unauthenticated attackers to cause a Denial-of-Service by sending malformed BGP updates, triggering RPD crashes and service outages in versions 25.2 before 25.2R2.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-33801 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-33801.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-33801"
    },
    {
      "cve": "CVE-2026-33802",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authorization",
          "title": "CWE-862"
        },
        {
          "category": "description",
          "text": "A Missing Authorization vulnerability in Juniper Networks Junos OS on EX Series switches allows a local, authenticated attacker without special permissions to execute privileged CLI commands causing Denial-of-Service (DoS).",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-33802 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-33802.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-33802"
    },
    {
      "cve": "CVE-2026-33803",
      "cwe": {
        "id": "CWE-923",
        "name": "Improper Restriction of Communication Channel to Intended Endpoints"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Communication Channel to Intended Endpoints",
          "title": "CWE-923"
        },
        {
          "category": "description",
          "text": "A vulnerability in Juniper Networks Junos OS Evolved allows unauthenticated network attackers to access an internal process via an open port, resulting in limited information disclosure and increased CPU usage.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/AU:Y/R:U/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-33803 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-33803.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-33803"
    },
    {
      "cve": "CVE-2026-57019",
      "cwe": {
        "id": "CWE-1284",
        "name": "Improper Validation of Specified Quantity in Input"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Validation of Specified Quantity in Input",
          "title": "CWE-1284"
        },
        {
          "category": "description",
          "text": "A vulnerability in Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial-of-Service by triggering incorrect packet size calculation and FPC reset, affecting MAP-T and non-IP encapsulated traffic.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-57019 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-57019.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-57019"
    },
    {
      "cve": "CVE-2026-57020",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Check for Unusual or Exceptional Conditions",
          "title": "CWE-754"
        },
        {
          "category": "description",
          "text": "A vulnerability in Juniper Networks Junos OS on QFX10000 Series allows unauthenticated adjacent attackers to cause Denial-of-Service by flooding IPv6 multicast traffic in EVPN-VxLAN environments, affecting versions prior to specific 23.x and 24.x patches.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:U/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-57020 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-57020.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-57020"
    },
    {
      "cve": "CVE-2026-57021",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "An Out-of-bounds Write vulnerability in the http-gatekeeper of Juniper SRX Series devices with remote-access VPN pre-logon compliance check allows unauthenticated attackers to cause Denial-of-Service by crashing the http-gk process, disrupting web-management and firewall authentication services.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/AU:Y/R:A/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-57021 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-57021.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-57021"
    },
    {
      "cve": "CVE-2026-57022",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Check for Unusual or Exceptional Conditions",
          "title": "CWE-754"
        },
        {
          "category": "description",
          "text": "A Denial-of-Service vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS on MX with SPC3 and SRX Series allows an unauthenticated attacker to cause a crash and restart via a crafted TCP packet, impacting multiple services.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/R:A/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-57022 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-57022.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-57022"
    },
    {
      "cve": "CVE-2026-57023",
      "cwe": {
        "id": "CWE-1284",
        "name": "Improper Validation of Specified Quantity in Input"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Validation of Specified Quantity in Input",
          "title": "CWE-1284"
        },
        {
          "category": "description",
          "text": "A vulnerability in the TCP proxy plugin of Juniper Networks Junos OS on MX Series with SPC3 and SRX Series allows an unauthenticated attacker to cause a Denial of Service by sending malformed TCP packets that crash and restart the flow processing daemon.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-57023 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-57023.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-57023"
    },
    {
      "cve": "CVE-2026-57024",
      "cwe": {
        "id": "CWE-694",
        "name": "Use of Multiple Resources with Duplicate Identifier"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use of Multiple Resources with Duplicate Identifier",
          "title": "CWE-694"
        },
        {
          "category": "description",
          "text": "A vulnerability in the IKE daemon (iked) of Juniper Networks Junos OS on MX with SPC3 and SRX Series causes a Denial-of-Service by crashing the iked process during numerous failed VPN negotiations, requiring a system reboot to restore service.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/AU:Y/R:A/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-57024 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-57024.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-57024"
    },
    {
      "cve": "CVE-2026-57025",
      "cwe": {
        "id": "CWE-466",
        "name": "Return of Pointer Value Outside of Expected Range"
      },
      "notes": [
        {
          "category": "other",
          "text": "Return of Pointer Value Outside of Expected Range",
          "title": "CWE-466"
        },
        {
          "category": "description",
          "text": "A local low-privileged attacker can cause a Denial-of-Service by crashing the l2ald process on Juniper Networks Junos OS and Junos OS Evolved EX, QFX, and MX Series devices using a crafted \u0027show l2-learning\u0027 command, disrupting layer 2 services until restart.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-57025 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-57025.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-57025"
    },
    {
      "cve": "CVE-2026-57026",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Validation of Syntactic Correctness of Input",
          "title": "CWE-1286"
        },
        {
          "category": "description",
          "text": "A vulnerability in the SIP plugin of Juniper Networks Junos OS on MX Series with SPC3 and SRX Series allows an unauthenticated attacker to cause a Denial-of-Service by crashing the flow processing daemon when SIP ALG processes a malformed SIP invite packet.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-57026 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-57026.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-57026"
    },
    {
      "cve": "CVE-2026-57027",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Release of Memory after Effective Lifetime",
          "title": "CWE-401"
        },
        {
          "category": "description",
          "text": "A memory leak vulnerability in Juniper Junos OS on EX4100 and EX4400 Series devices, triggered by sFlow multicast configuration in a Virtual Chassis setup, can cause FPC crashes and Denial-of-Service by an unauthenticated adjacent attacker.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-57027 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-57027.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-57027"
    },
    {
      "cve": "CVE-2026-57028",
      "cwe": {
        "id": "CWE-923",
        "name": "Improper Restriction of Communication Channel to Intended Endpoints"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Communication Channel to Intended Endpoints",
          "title": "CWE-923"
        },
        {
          "category": "description",
          "text": "A vulnerability in Juniper Networks Junos OS Evolved before version 23.2R2-EVO allows unauthenticated attackers to cause license exhaustion by exploiting an improperly initialized process accessible via an open network port.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/AU:Y/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-57028 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-57028.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-57028"
    },
    {
      "cve": "CVE-2026-57029",
      "cwe": {
        "id": "CWE-820",
        "name": "Missing Synchronization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Synchronization",
          "title": "CWE-820"
        },
        {
          "category": "description",
          "text": "A Missing Synchronization vulnerability in Juniper Networks Junos OS Evolved on QFX Series allows an adjacent, unauthenticated attacker to cause a Denial-of-Service by crashing the evo-pfemand process during simultaneous sFlow collector reachability changes and next-hop data access.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-57029 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-57029.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-57029"
    },
    {
      "cve": "CVE-2026-57030",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
          "title": "CWE-362"
        },
        {
          "category": "description",
          "text": "A race condition vulnerability in Juniper Junos OS on SRX Series causes excessive flow timeouts, leading to an accumulation of invalidated sessions that can result in denial-of-service or system reboot.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:U/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-57030 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-57030.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-57030"
    },
    {
      "cve": "CVE-2026-57031",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Check for Unusual or Exceptional Conditions",
          "title": "CWE-754"
        },
        {
          "category": "description",
          "text": "A vulnerability in Juniper Networks Junos OS on MX Series hardware allows adjacent subscribers on static interfaces to bypass ingress firewall filters, disabling protocol and bandwidth enforcement across multiple Junos OS versions from 23.2 to 25.2.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/AU:Y/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-57031 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-57031.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-57031"
    },
    {
      "cve": "CVE-2026-57032",
      "cwe": {
        "id": "CWE-236",
        "name": "Improper Handling of Undefined Parameters"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Undefined Parameters",
          "title": "CWE-236"
        },
        {
          "category": "description",
          "text": "A vulnerability in Juniper Networks Junos OS on EX Series devices allows authenticated low-privilege attackers to cause Denial-of-Service by subscribing to unsupported telemetry sensor paths via gRPC, leading to FPC crashes and service outages.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-57032 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-57032.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-57032"
    },
    {
      "cve": "CVE-2026-57054",
      "cwe": {
        "id": "CWE-706",
        "name": "Use of Incorrectly-Resolved Name or Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use of Incorrectly-Resolved Name or Reference",
          "title": "CWE-706"
        },
        {
          "category": "description",
          "text": "A vulnerability in the URL filtering plugin of Juniper Networks Junos OS on MX Series allows unauthenticated attackers to bypass web filtering and access restricted downstream resources via specially crafted URL requests.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/AU:Y/R:A/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-57054 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-57054.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-57054"
    }
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…