Total CVEs

145,923

Critical Severity

4,293

High Severity

15,785

Last 7 Days

2,179
Quick preset (or use dates below)
Clear Filters
📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →
Showing 23,921 - 23,940 of 42,328 CVEs
CVE-2026-33797 HIGH - 7.4

An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session to reset only that session causing a Denial of Service (DoS). An attacker repeatedly...

Vendor: Juniper Networks
Product: Junos OS, Junos OS Evolved
Published: Apr 09, 2026
Source: NVD
CVE-2026-33793 HIGH - 7.8

An Execution with Unnecessary Privileges vulnerability in the User Interface (UI) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to gain root privileges, thus compromising the system. When a configuration that allows unsigned Python op scripts is present o...

Vendor: Juniper Networks
Product: Junos OS, Junos OS Evolved
Published: Apr 09, 2026
Source: NVD
CVE-2026-33791 MEDIUM - 6.7

An OS Command Injection vulnerability in the CLI processing of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker executing specific, crafted CLI commands to inject arbitrary shell commands as root, leading to a complete compromise of the system. Certain 's...

Vendor: Juniper Networks
Product: Junos OS, Junos OS Evolved
Published: Apr 09, 2026
Source: NVD
CVE-2026-33790 HIGH - 7.5

An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an attacker sending a specific, malformed ICMPv6 packet to cause the srxpfe process to crash and restart. Continued receipt and processing of these packe...

Vendor: Juniper Networks
Product: Junos OS
Published: Apr 09, 2026
Source: NVD
CVE-2026-33788 HIGH - 7.8

A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators (FPCs) of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device. A local user with low privileges...

Vendor: Juniper Networks
Product: Junos OS Evolved
Published: Apr 09, 2026
Source: NVD
CVE-2026-33787 MEDIUM - 5.5

An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600 allows a local attacker with low privileges to cause a complete Denial of Service (DoS). When a specific 'show ch...

Vendor: Juniper Networks
Product: Junos OS
Published: Apr 09, 2026
Source: NVD
CVE-2026-33786 MEDIUM - 5.5

An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1600, SRX2300 and SRX4300 allows a local attacker with low privileges to cause a complete Denial of Service (DoS). When a specific 'show chassis...

Vendor: Juniper Networks
Product: Junos OS
Published: Apr 09, 2026
Source: NVD
CVE-2026-33785 HIGH - 8.8

A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on MX Series allows a local, authenticated user with low privileges to execute specific commands which will lead to a complete compromise of managed devices. Any user logged in, without requiring specific privileges, can ...

Vendor: Juniper Networks
Product: Junos OS
Published: Apr 09, 2026
Source: NVD
CVE-2026-33784 CRITICAL - 9.8

A Use of Default Password vulnerability in the Juniper Networks Support Insights (JSI) Virtual Lightweight Collector (vLWC) allows an unauthenticated, network-based attacker to take full control of the device. vLWC software images ship with an initial password for a high privileged account. A c...

Vendor: Juniper Networks
Product: JSI LWC
Published: Apr 09, 2026
Source: NVD
CVE-2026-33783 MEDIUM - 6.5

A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticated attacker with low privileges to cause a complete Denial of Service (DoS). If colored SRTE policy tunnels are provisioned via P...

Vendor: Juniper Networks
Product: Junos OS Evolved
Published: Apr 09, 2026
Source: NVD
CVE-2026-33782 MEDIUM - 6.5

A Missing Release of Memory after Effective Lifetime vulnerability in the DHCP daemon (jdhcpd) of Juniper Networks Junos OS on MX Series, allows an adjacent, unauthenticated attacker to cause a memory leak, that will eventually cause a complete Denial-of-Service (DoS). In a DHCPv6 over PPPoE, or DH...

Vendor: Juniper Networks
Product: Junos OS
Published: Apr 09, 2026
Source: NVD
CVE-2026-33781 MEDIUM - 6.5

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX and QFX Series devices allow an unauthenticated, adjacent attacker to cause a complete Denial of Service (DoS). On EX4k, and QFX5k platforms config...

Vendor: Juniper Networks
Product: Junos OS
Published: Apr 09, 2026
Source: NVD
CVE-2026-33780 MEDIUM - 6.5

A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS). In an EVPN-MPLS ...

Vendor: Juniper Networks
Product: Junos OS, Junos OS Evolved
Published: Apr 09, 2026
Source: NVD
CVE-2026-33779 MEDIUM - 6.5

An Improper Following of a Certificate's Chain of Trust vulnerability in J-Web of Juniper Networks Junos OS on SRX Series allows a PITM to intercept the communication of the device and get access to confidential information and potentially modify it. When an SRX device is provisioned to connec...

Vendor: Juniper Networks
Product: Junos OS
Published: Apr 09, 2026
Source: NVD
CVE-2026-33778 HIGH - 7.5

An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a complete Denial-of-Service (DoS). If an affected device receives a ...

Vendor: Juniper Networks
Product: Junos OS
Published: Apr 09, 2026
Source: NVD
CVE-2026-33776 MEDIUM - 5.5

A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows a local user with low privileges to read sensitive information. A local user with low privileges can execute the CLI command 'show mgd' with specific arguments which will expose sensi...

Vendor: Juniper Networks
Product: Junos OS, Junos OS Evolved
Published: Apr 09, 2026
Source: NVD
CVE-2026-33775 MEDIUM - 6.5

A Missing Release of Memory after Effective Lifetime vulnerability in the BroadBand Edge subscriber management daemon (bbe-smgd) of Juniper Networks Junos OS on MX Series allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). If the authentication packet-type option is con...

Vendor: Juniper Networks
Product: Junos OS
Published: Apr 09, 2026
Source: NVD
CVE-2026-33774 MEDIUM - 6.5

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the configured firewall filter and access the control-plane of the device. On MX platform...

Vendor: Juniper Networks
Product: Junos OS
Published: Apr 09, 2026
Source: NVD
CVE-2026-33773 MEDIUM - 5.8

An Incorrect Initialization of Resource vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX Series and QFX Series device allows an unauthenticated, network-based attacker to cause an integrity impact to downstream networks. When the same family inet or in...

Vendor: Juniper Networks
Product: Junos OS
Published: Apr 09, 2026
Source: NVD
CVE-2026-33771 HIGH - 7.4

A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the admi...

Vendor: Juniper Networks
Product: CTP OS
Published: Apr 09, 2026
Source: NVD