Report: CVE-2026-21921 - Junos OS and Junos OS Evolved: When telemetry collectors are frequently subscrib...

CVE ID : CVE-2026-21921 Published : Jan. 15, 2026, 9:16 p.m. | 54 minutes ago Description : A Use After Free vulnerability in the chassis daemon (chassisd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based attacker authenticated with low privileges to cause a Denial-of-Service (DoS). When telemetry collectors are frequently subscribing and unsubscribing to sensors continuously over a long period of time, telemetry-capable processes like chassisd, rpd or mib2d will crash and restart, which - depending on the process - can cause a complete outage until the system has recovered. This issue affects:  Junos OS:  * all versions before 22.4R3-S8, * 23.2 versions before 23.2R2-S5, * 23.4 versions before 23.4R2; Junos OS Evolved: * all versions before 22.4R3-S8-EVO, * 23.2 versions before 23.2R2-S5-EVO, * 23.4 versions before 23.4R2-EVO. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Source: Telegram CVE Monitor