CVE-2026-21910

CWE-7544 documents4 sources
Severity
7.1HIGH
EPSS
0.0%
top 99.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedJan 15

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on EX4k Series and QFX5k Series platforms allows an unauthenticated network-adjacent attacker flapping an interface to cause traffic between VXLAN Network Identifiers (VNIs) to drop, leading to a Denial of Service (DoS). On all EX4k and QFX5k platforms, a link flap in an EVPN-VXLAN configuration Link Aggregation Group (LAG) results in Inter-VNI traffic droppi

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages2 packages

CVEListV5juniper_networks/junos_os22.222.2*+6
NVDjuniper/junos< 21.4+7

🔴Vulnerability Details

2
CVEList
Junos OS: EX4k Series, QFX5k Series: In an EVPN-VXLAN configuration link flaps cause Inter-VNI traffic drop2026-01-15
GHSA
GHSA-fhh6-4pm2-6vqv: An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on EX4k Serie2026-01-15

📋Vendor Advisories

1
Juniper
CVE-2026-21910: An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on EX4k Serie2026-01-15
CVE-2026-21910 (HIGH CVSS 7.1) | An Improper Check for Unusual or Ex | cvebase.io