Denial of Service Vulnerability in Juniper Networks Junos OS and Junos OS Evolved
CVE-2026-33797

7.1HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Os; Junos Os Evolved
Vendor: CVE Published:; 9 April 2026

🔔 Create Juniper Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2026-33797?

An improper input validation vulnerability exists in Juniper Networks Junos OS and Junos OS Evolved. This flaw allows an unauthenticated, adjacent attacker to send a specific legitimate BGP packet within an established BGP session, resulting in the potential reset of that session. Repeated exploitation can lead to a sustained Denial of Service (DoS), impacting both eBGP and iBGP operations over IPv4 and IPv6 networks. It is essential for users of affected versions to apply necessary patches to mitigate risks.

Affected Version(s)

Junos OS 25.2 < 25.2R2

Junos OS Evolved 25.2 < 25.2R2-EVO

Junos OS 0 < 25.2R1

References

https://kb.juniper.net/JSA107850

vendor-advisory

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Apr 9, 2026
Vulnerability published
Apr 9, 2026
Vulnerability Reserved
Mar 23, 2026

CVE-2026-33797 Data

JSON