Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
13161
Total
872
Critical
3825
High
4173
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-33784 | CRITICAL | 9.8 | A Use of Default Password vulnerability in the Juniper Networks Support Insights (JSI) Virtual Lightweight Collector (vLWC) allows an unauthenticated, network-based attacker to take full … | Apr 09, 2026 |
| CVE-2026-33783 | MEDIUM | 6.5 | A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticated … | Apr 09, 2026 |
| CVE-2026-33782 | MEDIUM | 6.5 | A Missing Release of Memory after Effective Lifetime vulnerability in the DHCP daemon (jdhcpd) of Juniper Networks Junos OS on MX Series, allows an adjacent, … | Apr 09, 2026 |
| CVE-2026-33781 | MEDIUM | 6.5 | An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX and QFX … | Apr 09, 2026 |
| CVE-2026-33780 | MEDIUM | 6.5 | A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS … | Apr 09, 2026 |
| CVE-2026-33779 | MEDIUM | 6.5 | An Improper Following of a Certificate's Chain of Trust vulnerability in J-Web of Juniper Networks Junos OS on SRX Series allows a PITM to intercept … | Apr 09, 2026 |
| CVE-2026-33778 | HIGH | 7.5 | An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX … | Apr 09, 2026 |
| CVE-2026-33776 | MEDIUM | 5.5 | A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows a local user with low privileges to read … | Apr 09, 2026 |
| CVE-2026-33775 | MEDIUM | 6.5 | A Missing Release of Memory after Effective Lifetime vulnerability in the BroadBand Edge subscriber management daemon (bbe-smgd) of Juniper Networks Junos OS on MX Series … | Apr 09, 2026 |
| CVE-2026-33774 | MEDIUM | 6.5 | An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on MX Series allows an … | Apr 09, 2026 |
| CVE-2026-33773 | MEDIUM | 5.8 | An Incorrect Initialization of Resource vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX Series and QFX Series device … | Apr 09, 2026 |
| CVE-2026-33771 | HIGH | 7.4 | A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords … | Apr 09, 2026 |
| CVE-2026-21919 | MEDIUM | 6.5 | An Incorrect Synchronization vulnerability in the management daemon (mgd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based attacker with low privileges … | Apr 09, 2026 |
| CVE-2026-21916 | HIGH | 7.3 | A UNIX Symbolic Link (Symlink) Following vulnerability in the CLI of Juniper Networks Junos OS allows a local, authenticated attacker with low privileges to escalate … | Apr 09, 2026 |
| CVE-2026-21915 | MEDIUM | 6.7 | A Permissive List of Allowed Input vulnerability in the CLI of Juniper Networks Support Insights (JSI) Virtual Lightweight Collector (vLWC) allows a local, high privileged … | Apr 09, 2026 |
| CVE-2026-21904 | MEDIUM | 6.1 | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in … | Apr 09, 2026 |
| CVE-2025-59969 | MEDIUM | 6.5 | A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the advanced forwarding toolkit (evo-aftmand/evo-pfemand) of Juniper Networks Junos OS Evolved on … | Apr 09, 2026 |
| CVE-2025-13914 | HIGH | 8.7 | A Key Exchange without Entity Authentication vulnerability in the SSH implementation of Juniper Networks Apstra allows a unauthenticated, MITM attacker to impersonate managed devices. Due … | Apr 09, 2026 |
| CVE-2026-5980 | HIGH | 8.8 | A flaw has been found in D-Link DIR-605L 2.13B01. Affected by this issue is the function formSetMACFilter of the file /goform/formSetMACFilter of the component POST … | Apr 09, 2026 |
| CVE-2026-5979 | HIGH | 8.8 | A vulnerability was detected in D-Link DIR-605L 2.13B01. Affected by this vulnerability is the function formVirtualServ of the file /goform/formVirtualServ of the component POST Request … | Apr 09, 2026 |
| CVE-2026-5978 | CRITICAL | 9.8 | A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The … | Apr 09, 2026 |
| CVE-2026-5977 | CRITICAL | 9.8 | A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a … | Apr 09, 2026 |
| CVE-2026-5447 | UNKNOWN | — | Heap buffer overflow in CertFromX509 via AuthorityKeyIdentifier size confusion. A heap buffer overflow occurs when converting an X.509 certificate internally due to incorrect size handling … | Apr 09, 2026 |
| CVE-2026-5446 | UNKNOWN | — | In wolfSSL, ARIA-GCM cipher suites used in TLS 1.2 and DTLS 1.2 reuse an identical 12-byte GCM nonce for every application-data record. Because wc_AriaEncrypt is … | Apr 09, 2026 |
| CVE-2026-40109 | LOW | 3.1 | Flux notification-controller is the event forwarder and notification dispatcher for the GitOps Toolkit controllers. Prior to 1.8.3, the gcr Receiver type in Flux notification-controller does … | Apr 09, 2026 |