CVSS: 8.4 • EPSS: 0% • CPEs: 13 • EXPL: 0

09 Apr 2026 — An OS Command Injection vulnerability in the CLI processing of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker executing specific, crafted CLI commands to inject arbitrary shell commands as root, leading to a complete compromise of the system. Certain 'set system' commands, when executed with crafted arguments, are not properly sanitized, allowing for arbitrary shell injection. These shell commands are executed as root, potentially allowing for complete control of the... • https://kb.juniper.net/JSA107875 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 8.7 • EPSS: 0% • CPEs: 13 • EXPL: 0

09 Apr 2026 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an attacker sending a specific, malformed ICMPv6 packet to cause the srxpfe process to crash and restart. Continued receipt and processing of these packets will repeatedly crash the srxpfe process and sustain the Denial of Service (DoS) condition. During NAT64 translation, receipt of a specific, malformed ICMPv6 packet destined to the device will cause the srxpfe... • https://kb.juniper.net/JSA107874 • CWE-754: Improper Check for Unusual or Exceptional Conditions •

CVSS: 6.8 • EPSS: 0% • CPEs: 6 • EXPL: 0

09 Apr 2026 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600 allows a local attacker with low privileges to cause a complete Denial of Service (DoS). When a specific 'show chassis' CLI command is executed, chassisd crashes and restarts which causes a momentary impact to all traffic until all modules are online again. This issue affects Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600: * 2... • https://kb.juniper.net/JSA107873 • CWE-754: Improper Check for Unusual or Exceptional Conditions •

CVSS: 8.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

09 Apr 2026 — A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on MX Series allows a local, authenticated user with low privileges to execute specific commands which will lead to a complete compromise of managed devices. Any user logged in, without requiring specific privileges, can issue 'request csds' CLI operational commands. These commands are only meant to be executed by high-privileged users or users designated for Juniper Device Manager (JDM) / Connected Security Distributed Services (CSDS) ... • https://kb.juniper.net/JSA107872 • CWE-862: Missing Authorization •

CVSS: 7.1 • EPSS: 0% • CPEs: 7 • EXPL: 0

09 Apr 2026 — A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticated attacker with low privileges to cause a complete Denial of Service (DoS). If colored SRTE policy tunnels are provisioned via PCEP, and gRPC is used to monitor traffic in these tunnels, evo-aftmand crashes and doesn't restart which leads to a complete and persistent service impact. The system has to be manually restarted to recover. The is... • https://kb.juniper.net/JSA107870 • CWE-686: Function Call With Incorrect Argument Type •

CVSS: 7.1 • EPSS: 0% • CPEs: 3 • EXPL: 0

09 Apr 2026 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX and QFX Series devices allows an unauthenticated, adjacent attacker to cause a complete Denial of Service (DoS). On EX4k and QFX5k platforms configured as service-provider edge devices, if L2PT is enabled on the UNI and VSTP is enabled on NNI in VXLAN scenarios, receiving VSTP BPDUs on UNI leads to packet buffer allocation failures, resulting in the device t... • https://kb.juniper.net/JSA107869 • CWE-754: Improper Check for Unusual or Exceptional Conditions •

CVSS: 8.7 • EPSS: 0% • CPEs: 7 • EXPL: 0

09 Apr 2026 — An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a complete Denial-of-Service (DoS). If an affected device receives a specifically malformed first ISAKMP packet from the initiator, the kmd/iked process will crash and restart, which momentarily prevents new security associations (SAs) from being established. Repeated exploitati... • https://kb.juniper.net/JSA107868 • CWE-1286: Improper Validation of Syntactic Correctness of Input •

CVSS: 6.8 • EPSS: 0% • CPEs: 12 • EXPL: 0

09 Apr 2026 — A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows a local user with low privileges to read sensitive information. A local user with low privileges can execute the CLI command 'show mgd' with specific arguments which will expose sensitive information. This issue affects Junos OS: * all versions before 22.4R3-S8, * 23.2 versions before 23.2R2-S6, * 23.4 versions before 23.4R2-S6, * 24.2 versions before 24.2R2-S4, * 24.4 versions before 24.4R2-S1, * 25.2 ... • https://kb.juniper.net/JSA107866 • CWE-862: Missing Authorization •

CVSS: 6.9 • EPSS: 0% • CPEs: 4 • EXPL: 0

09 Apr 2026 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the configured firewall filter and access the control-plane of the device. On MX platforms with MPC10, MPC11, LC4800 or LC9600 line cards, and MX304, firewall filters applied on a loopback interface lo0.n (where n is a non-0 number) don't get executed when lo0.n is in the global VRF / default routing-... • https://kb.juniper.net/JSA107865 • CWE-754: Improper Check for Unusual or Exceptional Conditions •

CVSS: 7.4 • EPSS: 0% • CPEs: 2 • EXPL: 0

09 Apr 2026 — An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session, to reset only that session, causing a Denial of Service (DoS). An attacker repeatedly sending the packet will sustain the Denial of Service (DoS). This issue affects Junos OS: * 25.2 versions before 25.2R2 This issue does not affect Junos OS versions before 25.2R1. This issue affects Junos OS ... • https://kb.juniper.net/JSA107850 • CWE-20: Improper Input Validation •