Risky Cryptographic Algorithm Vulnerability in Juniper Networks Junos Space
CVE-2026-21907

8.2HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Space
Vendor: CVE Published:; 15 January 2026

🔔 Create Juniper Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2026-21907?

A vulnerability exists in Juniper Networks Junos Space, specifically within its TLS/SSL server. This issue allows the utilization of static key ciphers, thereby compromising the confidentiality of on-path traffic. Furthermore, these ciphers do not facilitate Perfect Forward Secrecy (PFS), which jeopardizes the long-term security of sensitive communications. This vulnerability affects all versions of Junos Space that predate 24.1R5, underscoring the urgency for an update to mitigate such risks.

Affected Version(s)

Junos Space 0 < 24.1R5

References

https://supportportal.juniper.net/JSA106006

vendor-advisory

https://kb.juniper.net/JSA106006

vendor-advisory

CVSS V4

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Jan 15, 2026
Vulnerability published
Jan 15, 2026
Vulnerability Reserved
Jan 5, 2026

CVE-2026-21907 Data

JSON