129
CVEs
7
Critical
64
High
1
KEV
1
PoC
46
Unpatched C/H
38.0%
Patch Rate
0.3%
Avg EPSS
Severity Breakdown
CRITICAL
7
HIGH
64
MEDIUM
58
LOW
0
Monthly CVE Trend
Affected Products (13)
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2025-21590 | A security vulnerability in An Improper (CVSS 6.7) that allows a local attacker with high privileges. Risk factors: actively exploited (KEV-listed). | MEDIUM | 6.7 | 0.9% | 94 |
KEV
No patch
|
| CVE-2026-48687 | OS command injection in FastNetMon Community Edition (through 1.2.9) lets attacker-controlled input reach an unescaped exec() call inside the Juniper router integration plugin, enabling arbitrary shell command execution on the host. The flaw lives in the _log() function of src/juniper_plugin/fastnetmon_juniper.php, where the $msg argument (built from argv[1]-argv[3]: attack IP, direction, power) is concatenated directly into a shell command. Although rated CVSS 9.8, practical exploitation is gated: FastNetMon's C++ core currently feeds IPs through inet_ntoa(), which only yields safe dotted-decimal strings, so injection requires the script to be driven directly or by a third-party orchestrator. There is no public exploit identified at time of analysis and it is not listed in CISA KEV. | CRITICAL | 9.8 | 0.1% | 49 |
No patch
|
| CVE-2025-52950 | CVE-2025-52950 is a Missing Authorization vulnerability in Juniper Networks Security Director that allows authenticated attackers to read and modify sensitive resources beyond their authorization level through the web interface. This affects Security Director version 24.4.1 and could enable lateral movement and compromise of downstream managed network devices. The vulnerability has a critical CVSS 9.6 score and represents a significant integrity and availability risk, though it requires valid credentials to exploit. | CRITICAL | 9.6 | 0.1% | 48 |
No patch
|
| CVE-2026-21902 | Incorrect permission assignment on critical resources in Juniper Networks On-Box Anomaly detection framework. Allows unauthorized modification of anomaly detection configuration, potentially disabling security monitoring. | CRITICAL | 9.3 | 0.3% | 47 |
No patch
|
| CVE-2026-33784 | Full device takeover in Juniper Networks Support Insights Virtual Lightweight Collector (vLWC) before 3.0.94 via hardcoded default credentials. The vLWC software ships with an unchangeable initial password for a high-privileged account with no enforced password change during provisioning, enabling unauthenticated remote attackers to gain complete system control. CVSS v4.0 score 9.3 (Critical). No public exploit identified at time of analysis. | CRITICAL | 9.3 | 0.0% | 47 |
|
| CVE-2025-21589 | Authentication bypass in Juniper Networks Session Smart Router and Conductor allows network-based attackers to gain administrative control without credentials. The vulnerability affects multiple versions of the routing platform used in enterprise SD-WAN deployments. | CRITICAL | 9.3 | 0.0% | 47 |
No patch
|
| CVE-2026-33771 | Juniper Networks CTP OS 9.2R1 and 9.2R2 fail to persist password complexity settings, enabling unauthenticated attackers to exploit predictable weak passwords on local accounts. The password management function allows administrators to configure complexity requirements but does not save these configurations, verifiable through 'Show password requirements' menu. This defect permits trivial passwords that attackers can brute-force remotely to gain full device control. No public exploit identified at time of analysis. | CRITICAL | 9.1 | 0.0% | 46 |
No patch
|
| CVE-2025-21601 | An Improper Following of Specification by Caller vulnerability in web management (J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC) of Juniper Networks Junos OS on SRX Series, EX Series,. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. | HIGH | 8.7 | 0.5% | 44 |
No patch
|
| CVE-2025-30645 | A NULL Pointer Dereference vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an attacker causing specific, valid control traffic to be sent out of a. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. | HIGH | 8.7 | 0.4% | 44 |
No patch
|
| CVE-2025-30649 | An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks Junos OS on MX240, MX480 and MX960 devices with MX-SPC3 Security Services Card allows an. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. | HIGH | 8.7 | 0.4% | 44 |
No patch
|
| CVE-2025-30651 | A Buffer Access with Incorrect Length Value vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. | HIGH | 8.7 | 0.4% | 44 |
No patch
|
| CVE-2025-30656 | An Improper Handling of Additional Special Element vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MS-MPC, MS-MIC and SPC3, and SRX Series, allows. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. | HIGH | 8.7 | 0.4% | 44 |
No patch
|
| CVE-2025-30658 | A Missing Release of Memory after Effective Lifetime vulnerability in the Anti-Virus processing of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. | HIGH | 8.7 | 0.4% | 44 |
No patch
|
| CVE-2025-30659 | An Improper Handling of Length Parameter Inconsistency vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. | HIGH | 8.7 | 0.4% | 44 |
No patch
|
| CVE-2025-30660 | An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. | HIGH | 8.7 | 0.4% | 44 |
No patch
|