CVE-2026-21903

15.01.2026, 21:16

A Stack-based Buffer Overflow vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a network-based attacker,authenticatedwith low privileges to cause a Denial-of-Service (DoS).



Subscribing to telemetry sensors at scale causes all FPC connections to drop, resulting in an FPC crash and restart.
The issue was not seen when YANG packages for the specific sensors were installed. 



This issue affects Junos OS:



  *  all versions before 22.4R3-S7,
  *  23.2 version before 23.2R2-S4,
  *  23.4 versions before 23.4R2.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.5 MEDIUM	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
juniper	CNA	6.5 MEDIUM	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Common Weakness Enumeration

CWE-121 - Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Vulnerability Media Exposure

[GERMAN] Juniper Junos OS, Junos Space: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in Juniper JUNOS und Juniper Junos Space ausnutzen, um falsche Informationen darzustellen, beliebigen Code mit Root-Rechten auszuführen, Daten zu manipulieren, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand zu verursachen.
Published: 2026-01-14T23:00:00+00:00

References

https://kb.juniper.net/JSA106022

https://supportportal.juniper.net/JSA106022