PT-2026-3118 · Juniper Networks · Junos

Published 2026-01-15 · Updated 2026-01-16 · CVE-2026-21903

CVSS v3.1: 6.5 Medium

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Juniper Networks Junos OS versions prior to 22.4R3-S7
Juniper Networks Junos OS versions prior to 23.2R2-S4
Juniper Networks Junos OS versions prior to 23.4R2

Description

A Stack-based Buffer Overflow exists in the Packet Forwarding Engine (PFE) of Junos OS. A network-based attacker with low privileges can trigger a Denial-of-Service (DoS). Subscribing to telemetry sensors at scale causes all Flexible Packet Control (FPC) connections to drop, leading to an FPC crash and restart. The issue does not occur when YANG packages for the specific sensors are installed.

Recommendations

Update to Junos OS version 22.4R3-S7 or later.
Update to Junos OS version 23.2R2-S4 or later.
Update to Junos OS version 23.4R2 or later.

Fix · DoS · Stack Overflow

Weakness Enumeration

Related Identifiers: CVE-2026-21903

Affected Products: Junos