Memory Leak Vulnerability in Junos OS on Juniper Networks EX Series Devices
CVE-2026-57027

7.1HIGH

Key Information:

Status
Vendor
CVE Published:
9 July 2026

Badges

👾 Exploit Exists

What is CVE-2026-57027?

A vulnerability in the packet forwarding engine of Juniper Networks Junos OS allows an unauthenticated adjacent attacker to exploit memory leaks during multicast traffic handling in Virtual Chassis scenarios. Specifically, when sFlow is configured, multicast traffic received on one member of an EX4100 or EX4400 series device can cause a memory leak when sent out another member, ultimately leading to a Denial-of-Service condition due to the crashing and restarting of the forwarding plane card (FPC). Continuous monitoring of buffer values can indicate the presence of this memory leak.

Affected Version(s)

Junos OS EX4100 Series 0 < 23.2R2-S7

Junos OS EX4100 Series 23.4 < 23.4R2-S7

Junos OS EX4100 Series 24.2 < 24.2R2-S4

References

CVSS V4

Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.