Improper Handling of Exceptional Conditions in Juniper Networks Junos OS on SRX Series
CVE-2026-21906

8.7HIGH

Key Information:

Vendor

Juniper Networks
Status
Junos Os
Vendor
CVE Published:
15 January 2026

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2026-21906?

A vulnerability has been identified in the packet forwarding engine (PFE) of Juniper Networks' Junos OS that allows an unauthenticated network-based attacker to exploit specific conditions. When enabled, PowerMode IPsec (PMI) and GRE performance acceleration can lead to a situation where receipt of a targeted ICMP packet results in a crash and restart of the PFE. This behavior ultimately leads to traffic loss, raising significant concerns for network integrity and performance. It is important to note that PMI is typically enabled by default on supported SRX platforms. The vulnerability impacts several versions of SRX Series devices, necessitating prompt awareness and mitigation by network administrators.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Junos OS SRX Series 0 < 21.4R3-S12

Junos OS SRX Series 22.4 < 22.4R3-S8

Junos OS SRX Series 23.2 < 23.2R2-S5

References

https://supportportal.juniper.net/JSA106005
vendor-advisory
https://www.juniper.net/documentation/us/en/software/juno...
technical-description
https://kb.juniper.net/JSA106005
vendor-advisory

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.