CVE-2026-21918

CWE-415, 4 documents, 4 sources
Severity
8.7 HIGH
EPSS
0.0%
top 95.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Jan 15

Description

A Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX and MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). On all SRX and MX Series platforms, a double free occurs when a specific sequence of packets is encountered during TCP session establishment. This causes flowd to crash and the respective FPC to restart. This issue affects Junos OS on SRX and MX Series: * all versions before 22.4R3-S7, * 23.2

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages (2 packages)

CVEListV5 juniper_networks/junos_os 23.2 23.2R2-S3 +3
NVD juniper/junos < 22.4 +4

🔴 Vulnerability Details

2
CVEList
Junos OS: SRX and MX Series: When TCP packets occur in a specific sequence flowd crashes (2026-01-15)
GHSA
GHSA-9m47-29xf-m969: A Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX and MX Series allows an unauthenticated, network (2026-01-15)

📋 Vendor Advisories

1
Juniper
CVE-2026-21918: A Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX and MX Series allows an unauthenticated, network (2026-01-15)