Skip to content

RadicalNotion.AI

We do not sell or share your personal information

© 2026 RadicalNotion.AI

Security Data

CWE Directory
CAPEC Directory
CNA Directory
CNA Report Cards
Data Sources

Calculators

CVSS Calculator
CVSS 4.0
CVSS 3.1
CVSS 3.0
CVSS 2.0

Platform

My Vulnerabilities
Insights
Notifications
Account
Pricing

Learn

All guides
What is a CVE?
What is CVSS?
The CISA KEV catalog
What is EPSS?

Company

About us
Blog
Book a demo

Get Started

Sign up
Log in

Legal

Privacy
Terms

Security data

Weaknesses (CWE)The MITRE CWE weakness catalog
Attack Patterns (CAPEC)MITRE CAPEC attack patterns
CNAsNumbering authorities + report cards
VendorsVulnerabilities by vendor

Tools

CVSS CalculatorScore CVSS 4.0, 3.1, 3.0 & 2.0

Resources

LearnPlain-English security guides
Data SourcesHow we source CVE data

About Us Blog Pricing Book a Demo

Log in

Home
Vendors
Juniper Networks
Junos Os Evolved

Juniper Networks Junos OS Evolved Vulnerabilities: CVEs, CISA KEV & Security Advisories

Juniper Networks

246 CVEs

Juniper Networks Junos OS Evolved Vulnerabilities

CVE security advisories and vulnerability history for Junos OS Evolved by Juniper Networks.

246

Total CVEs

Published

0

In CISA KEV

Exploited in the wild

1

Public exploits

With known exploit

7.1

Avg CVSS

2020–2026

Last updated April 9, 2026

Overview

Juniper Networks Junos OS Evolved has 246 published CVE records since 2020, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 1 have a known public exploit. The average CVSS base score across scored CVEs is 7.1.

This page aggregates every publicly disclosed vulnerability (CVE) affecting Juniper Networks Junos OS Evolved, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list. Affected platforms include ACX 7000 Series, ACX Series, ACX5800, EX9200 Series, MX10000 Series, MX240, MX480, MX960, ACX7000 Series, ACX7024, ACX7024X.

Severity and exploitation

How the CVSS severity of Juniper Networks Junos OS Evolved's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical2

High144

Medium100

Low0

In CISA’s Known Exploited Vulnerabilities catalog

0

None of Juniper Networks Junos OS Evolved's CVEs are currently listed in CISA's KEV catalog.

Public exploits

1

One of Juniper Networks Junos OS Evolved's CVEs has a known public exploit available.

Affected versions and CVEs

Browse every Juniper Networks Junos OS Evolved version named in a CVE, then pick one to see only the CVEs that affect it.

Specific versions

19.2-EVO2 CVEs
21.2R1-EVO2 CVEs
19.3-EVO1 CVE
19.3-EVO 19.2-EVO1 CVE
19.4-EVO1 CVE
21.1R1-EVO1 CVE
21.3R1-EVO1 CVE
22.1R1-EVO1 CVE
22.2-EVO1 CVE
22.3-EVO1 CVE

Fixed in

Find a version

246 CVEs

Sort

Junos OS and Junos OS Evolved: Execution of crafted CLI commands allows for arbitrary shell injection as root
CVE-2026-33791
Patch
Workaround
CWE-78
High · CVSS 8.4
EPSS 0.0% (3th pct)2026-04-09
Junos OS Evolved: PTX Series: If SRTE tunnels provisioned via PCEP are present and specific gRPC queries are received evo-aftmand crashes
CVE-2026-33783
Patch
Workaround
CWE-686
High · CVSS 7.1
EPSS 0.1% (20th pct)2026-04-09
Junos OS and Junos OS Evolved: Specific low privileged CLI command exposes sensitive information
CVE-2026-33776
Patch
Workaround
CWE-862
Medium · CVSS 6.8
EPSS 0.0% (3th pct)2026-04-09
Junos OS and Junos OS Evolved: An attacker sending a specific genuine BGP packet causes a BGP reset
CVE-2026-33797
Patch
CWE-20
High · CVSS 7.4
EPSS 0.0% (12th pct)2026-04-09
Junos OS and Junos OS Evolved: In an EVPN-MPLS scenario churn of ESI routes causes a memory leak in l2ald
CVE-2026-33780
Patch
CWE-401
High · CVSS 7.1
EPSS 0.0% (6th pct)2026-04-09
Junos OS Evolved: Local, authenticated attacker can gain privileged access to FPCs
CVE-2026-33788
Patch
Workaround
CWE-306
High · CVSS 8.5
EPSS 0.0% (5th pct)2026-04-09
Junos OS and Junos OS Evolved: A high frequency of connecting and disconnecting NETCONF sessions causes management unavailability
CVE-2026-21919
Patch
Workaround
CWE-821
High · CVSS 7.1
EPSS 0.1% (16th pct)2026-04-09
Junos OS Evolved: QFX5000 Series and PTX Series: An attacker sending crafted multicast packets will cause evo-aftmand / evo-pfemand to crash and restart
CVE-2025-59969
Patch
CWE-120
High · CVSS 7.1
EPSS 0.0% (6th pct)2026-04-09
Junos OS and Junos OS Evolved: When an unsigned Python op script configuration is present, a local low privileged user can compromise the system
CVE-2026-33793
Patch
Workaround
CWE-250
High · CVSS 8.5
EPSS 0.0% (1th pct)2026-04-09
Junos OS Evolved: PTX Series: A vulnerability allows a unauthenticated, network-based attacker to execute code as root
CVE-2026-21902
Public exploit
Patch
Workaround
CWE-732
Critical · CVSS 9.8
EPSS 0.1% (27th pct)2026-02-25
Junos OS and Junos OS Evolved: When telemetry collectors are frequently subscribing and unsubscribing to sensors chassisd or rpd will crash
CVE-2026-21921
Patch
CWE-416
High · CVSS 7.1
EPSS 0.0% (6th pct)2026-01-15
Junos OS Evolved: Flapping management interface causes MAC learning on label-switched interfaces to stop
CVE-2026-21911
Patch
CWE-682
High · CVSS 7.1
EPSS 0.0% (1th pct)2026-01-15
Junos OS and Junos OS Evolved: Receipt of specific IS-IS update packet causes memory leak leading to RPD crash
CVE-2026-21909
Patch
CWE-401
High · CVSS 7.1
EPSS 0.0% (2th pct)2026-01-15
Junos OS and Junos OS Evolved: Use after free vulnerability In 802.1X authentication daemon can cause crash of the dot1xd process
CVE-2026-21908
Patch
CWE-416
High · CVSS 7.5
EPSS 0.0% (2th pct)2026-01-15
Junos OS and Junos OS Evolved: Optional transitive BGP attribute is modified before propagation to peers causing sessions to flap
CVE-2025-60011
Patch
CWE-754
Medium · CVSS 6.9
EPSS 0.0% (6th pct)2026-01-15
Junos OS and Junos OS Evolved: BGP update with a set of specific attributes causes rpd crash
CVE-2025-60003
Patch
CWE-126
High · CVSS 8.7
EPSS 0.0% (6th pct)2026-01-15
Junos OS and Junos OS Evolved: Unix socket used to control the jdhcpd process is world-writable
CVE-2025-59961
Patch
Workaround
CWE-732
Medium · CVSS 6.8
EPSS 0.0% (0th pct)2026-01-15
Junos OS and Junos OS Evolved: DHCP Option 82 messages from clients being passed unmodified to the DHCP server
CVE-2025-59960
Patch
CWE-754
High · CVSS 7.4
EPSS 0.0% (2th pct)2026-01-15
Junos OS and Junos OS Evolved: Executing a specific show command leads to an rpd crash
CVE-2025-59959
Patch
Workaround
CWE-822
Medium · CVSS 6.8
EPSS 0.0% (1th pct)2026-01-15
Junos OS and Junos OS Evolved: Device allows login for user with expired password
CVE-2025-60010
Patch
CWE-262
Medium · CVSS 5.4
EPSS 0.0% (13th pct)2025-10-09
Junos OS Evolved: OS command injection vulnerabilities fixed
CVE-2025-60006
Patch
CWE-78
Medium · CVSS 5.3
EPSS 0.1% (25th pct)2025-10-09
Junos OS and Junos OS Evolved: Specific BGP EVPN update message causes rpd crash
CVE-2025-60004
Patch
CWE-754
High · CVSS 8.7
EPSS 0.1% (21th pct)2025-10-09
Junos OS Evolved: ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509: When specific valid multicast traffic is received on the L3 interface on a vulnerable device evo-pfemand crashes and restarts
CVE-2025-59967
Patch
CWE-476
High · CVSS 7.1
EPSS 0.0% (11th pct)2025-10-09
Junos OS and Junos OS Evolved: With BGP sharding enabled, change in indirect next-hop can cause RPD crash
CVE-2025-59962
Patch
Workaround
CWE-824
Medium · CVSS 6.0
EPSS 0.0% (6th pct)2025-10-09
Junos OS Evolved: PTX Series: When a firewall filter rejects traffic these packets are erroneously sent to the RE
CVE-2025-59958
Patch
Workaround
CWE-754
Medium · CVSS 6.9
EPSS 0.1% (18th pct)2025-10-09
Junos OS Evolved: PTX Series except PTX10003: An unauthenticated adjacent attacker sending specific valid traffic can cause a memory leak in cfmman leading to FPC crash and restart
CVE-2025-52961
Patch
CWE-400
High · CVSS 7.1
EPSS 0.1% (17th pct)2025-10-09
Junos OS and Junos OS Evolved: Privilege escalation to root via CLI command 'request system logout'
CVE-2025-52988
Patch
Workaround
CWE-78
High · CVSS 8.4
EPSS 0.1% (33th pct)2025-07-11
Junos OS and Junos OS Evolved: Annotate configuration command can be used to change the configuration
CVE-2025-52989
Patch
CWE-140
Medium · CVSS 6.8
EPSS 0.1% (25th pct)2025-07-11
Junos OS and Junos OS Evolved: When RIB sharding is configured each time a show command is executed RPD memory leaks
CVE-2025-52986
Patch
Workaround
CWE-401
Medium · CVSS 6.8
EPSS 0.1% (22th pct)2025-07-11
Junos OS Evolved: When a control-plane firewall filter refers to a prefix-list with more than 10 entries it's not matching
CVE-2025-52985
Patch
Workaround
CWE-480
Medium · CVSS 6.9
EPSS 0.1% (30th pct)2025-07-11

Showing 30 of 246

Common weakness types

The CWE weakness categories most often found in Juniper Networks Junos OS Evolved CVEs. Follow any weakness for its full explanation.

CWE-754Improper Check for Unusual or Exceptional Conditions25 CVEs
CWE-755Improper Handling of Exceptional Conditions21 CVEs
CWE-20Improper Input Validation13 CVEs
CWE-401Missing Release of Memory after Effective Lifetime13 CVEs
CWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')11 CVEs
CWE-416Use After Free10 CVEs
CWE-770Allocation of Resources Without Limits or Throttling8 CVEs
CWE-400Uncontrolled Resource Consumption6 CVEs

Disclosure activity by year

How many Juniper Networks Junos OS Evolved CVEs were published each year.

2020

18

2021

32

2022

32

2023

38

2024

73

2025

34

2026

19

Other Juniper Networks products

Browse vulnerabilities for other products by Juniper Networks.

Junos OS663 CVEs Junos Space49 CVEs NorthStar Controller Application19 CVEs Juniper ATP12 CVEs ScreenOS7 CVEs Contrail Service Orchestration5 CVEs Paragon Active Assurance5 CVEs Junos Space Security Director3 CVEs

All Juniper Networks vulnerabilities

Frequently asked questions

Common questions about Juniper Networks Junos OS Evolved vulnerabilities.

How many CVEs does Juniper Networks Junos OS Evolved have?

Juniper Networks Junos OS Evolved has 246 published CVE records since 2020.

How many Juniper Networks Junos OS Evolved CVEs are in CISA KEV?

None of Juniper Networks Junos OS Evolved's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.

Are there public exploits for Juniper Networks Junos OS Evolved vulnerabilities?

Yes — 1 of Juniper Networks Junos OS Evolved's CVEs have a known public exploit.

Which versions of Juniper Networks Junos OS Evolved are affected?

226 distinct Juniper Networks Junos OS Evolved versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.

What are the most common weakness types in Juniper Networks Junos OS Evolved CVEs?

Juniper Networks Junos OS Evolved's CVEs most often map to these CWE weakness types: CWE-754 (Improper Check for Unusual or Exceptional Conditions), CWE-755 (Improper Handling of Exceptional Conditions), CWE-20 (Improper Input Validation), CWE-401 (Missing Release of Memory after Effective Lifetime).

How many critical Juniper Networks Junos OS Evolved vulnerabilities are there?

Juniper Networks Junos OS Evolved has 2 critical and 144 high-severity CVEs.

What is the average severity of Juniper Networks Junos OS Evolved CVEs?

The average CVSS base score across Juniper Networks Junos OS Evolved's scored CVEs is 7.1.

References

All Juniper Networks vulnerabilities
The MITRE CVE Program (opens in a new tab)
Learn: What is a CVE?
CWE directory: the weakness types these CVEs map to

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track Juniper Networks Junos OS Evolved vulnerabilities

Monitor new Juniper Networks Junos OS Evolved vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing

On this page

Overview
Severity and exploitation
Affected versions and CVEs
Common weakness types
Disclosure activity
Other products
FAQ
References