CVE-2026-21906

CWE-755 — Improper Exception Handling4 documents4 sources

Severity

8.7HIGH

EPSS

0.0%

top 94.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos

Timeline

PublishedJan 15

Description

An Improper Handling of Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated network-based attacker sending a specific ICMP packet through a GRE tunnel to cause the PFE to crash and restart. When PowerMode IPsec (PMI) and GRE performance acceleration are enabled and the device receives a specific ICMP packet, a crash occurs in the SRX PFE, resulting in traffic loss. PMI is enabled by default, and GRE perf…

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages2 packages

▶CVEListV5juniper_networks/junos_os22.4 — 22.4R3-S8+6

▶NVDjuniper/junos< 21.4+7

🔴Vulnerability Details

GHSA

GHSA-942f-w2gm-p948: An Improper Handling of Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows a↗2026-01-15

▶

CVEList

Junos OS: SRX Series: With GRE performance acceleration enabled, receipt of a specific ICMP packet causes the PFE to crash↗2026-01-15

▶

📋Vendor Advisories

Juniper

CVE-2026-21906: An Improper Handling of Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows a↗2026-01-15

▶