Skip to main content
CVE-2026-22775 HIGH PATCH This Week

Denial of service in Svelte devalue library versions 5.1.0 through 5.6.1 allows remote attackers to exhaust CPU and memory resources by supplying malformed input to the parse function, affecting applications that process untrusted serialized data. The vulnerability stems from insufficient validation of ArrayBuffer inputs during deserialization. Applications should upgrade to version 5.6.2 or later.

Denial Of Service Devalue
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-22774 HIGH PATCH This Week

Denial of service in Svelte devalue versions 5.3.0 through 5.6.1 allows remote attackers to exhaust CPU and memory resources by supplying malformed input to the parse function, affecting applications that process untrusted data. The vulnerability stems from insufficient validation of typed array inputs before hydration, enabling attackers to trigger excessive resource consumption. Update to version 5.6.2 or later to remediate.

Denial Of Service Devalue
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-21920 HIGH This Week

Denial-of-service attacks against Juniper SRX Series devices running Junos OS 23.4 through 24.4 can be triggered remotely by sending a maliciously crafted DNS request, causing the flowd process to crash and interrupt service until recovery completes. The vulnerability stems from an unchecked return value in the DNS module that allows unauthenticated, network-based attackers to exploit DNS-enabled SRX configurations without any user interaction. No patch is currently available for affected versions.

Juniper DNS Denial Of Service Junos
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-21918 HIGH This Week

Juniper Networks Junos OS on SRX and MX Series is vulnerable to a double free condition in the flow processing daemon that an unauthenticated network attacker can trigger via a specific TCP packet sequence, causing the daemon to crash and the Fabric Routing Card to restart. This denial-of-service vulnerability affects all versions before 22.4R3-S7, 23.2 before 23.2R2-S3, 23.4 before 23.4R2-S4, and 24.2 before 24.2R2, with no patch currently available. An attacker on the network can exploit this vulnerability without authentication or user interaction to disrupt service availability.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-21913 HIGH This Week

Unauthenticated network-based attackers can cause a denial of service on Juniper EX4000-48T, EX4000-48P, and EX4000-48MP switches by sending high-volume traffic that crashes the FXPC component and forces a device restart. The vulnerability stems from improper resource initialization in the Internal Device Manager and results in complete service outage until automatic recovery completes. Affected versions include Junos OS 24.4 before 24.4R2 and 25.2 before 25.2R1, with no patch currently available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-21905 HIGH This Week

Denial of service in Juniper Junos SIP application layer gateway allows unauthenticated remote attackers to crash critical processes by sending malformed SIP messages over TCP, affecting SRX Series and MX Series devices with specific service cards. The vulnerability exploits improper header parsing that triggers an infinite loop and watchdog timer expiration, disabling network traffic flow without requiring authentication or user interaction. No patch is currently available for this high-severity flaw.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-60003 HIGH This Week

A Buffer Over-read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). [CVSS 7.5 HIGH]

Juniper Buffer Overflow Denial Of Service Junos Os Evolved Junos
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2024-48077 HIGH This Week

An issue in nanomq v0.22.7 allows attackers to cause a Denial of Service (DoS) via a crafted request. The number of data packets received in the recv-q queue of the Nanomq process continues to increase, causing the nanomq broker to fall into a deadlock and be unable to provide normal services. [CVSS 7.5 HIGH]

Denial Of Service Nanomq
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-21914 HIGH This Week

Juniper SRX Series devices are vulnerable to denial-of-service attacks when processing malformed GTP Modify Bearer Request messages, which trigger an improper lock condition that freezes packet processing threads and causes watchdog timeouts. An unauthenticated network attacker can exploit this without user interaction to crash the forwarding processor and cause complete traffic outages requiring device restart. No patch is currently available for affected Junos OS versions.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-59960 HIGH This Week

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Juniper DHCP service (jdhcpd) of Juniper Networks Junos OS and Junos OS Evolved allows a DHCP client in one subnet to exhaust the address pools of other subnets, leading to a Denial of Service (DoS) on the downstream DHCP server. By default, the DHCP relay agent inserts its own Option 82 information when forwarding client requests, optionally replacing any Option 82 information provided by the client. When a speci...

Juniper Denial Of Service Junos Junos Os Evolved
NVD
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-0897 HIGH PATCH GHSA This Week

Memory-exhaustion denial of service in Google Keras 3.0.0 through 3.13.0 lets a remote attacker crash the Python interpreter by getting a victim to load a malicious .keras model archive. The crafted archive embeds a valid model.weights.h5 HDF5 file whose dataset declares an enormously large shape, so the weight loader attempts to allocate unbounded memory during deserialization. There is no public exploit identified at time of analysis, EPSS risk is low (0.03%), and a vendor fix is available.

Google Python Denial Of Service Keras
NVD GitHub VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-21908 HIGH This Week

Juniper Junos OS and Junos OS Evolved contain a use-after-free vulnerability in the 802.1X authentication daemon that allows authenticated, network-adjacent attackers to crash the process or achieve arbitrary code execution as root by triggering specific port state changes. Exploitation requires precise timing of a change-of-authorization event during port transitions, making reliable exploitation difficult but possible. Systems with 802.1X port-based network access control enabled are affected, and no patch is currently available.

Juniper Use After Free Denial Of Service Junos Junos Os Evolved
NVD
CVSS 3.1
7.1
EPSS
0.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy