CVE-2026-33781

CWE-7543 documents3 sources
Severity
7.1HIGH
EPSS
0.0%
top 96.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Juniper Networks Junos OS
Timeline
PublishedApr 9
Latest updateApr 10

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX and QFX Series devices allow an unauthenticated, adjacent attacker to cause a complete Denial of Service (DoS). On EX4k, and QFX5k platforms configured as service-provider edge devices, if L2PT is enabled on the UNI and VSTP is enabled on NNI in VXLAN scenarios, receiving VSTP BPDUs on UNI leads to packet buffer allocation failures, resulting in

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages1 packages

CVEListV5juniper_networks/junos_os24.424.4R2+1

🔴Vulnerability Details

2
GHSA
GHSA-gv4f-m3jw-j3h9: An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific E2026-04-10
CVEList
Junos OS: EX Series, QFX Series: In a VXLAN scenario when specific control protocol packets are received, memory leaks and eventually no traffic is passed2026-04-09
CVE-2026-33781 (HIGH CVSS 7.1) | An Improper Check for Unusual or Ex | cvebase.io