CVE-2026-21910 — MEDIUM (6.5)

Q: How severe is CVE-2026-21910?

CVE-2026-21910 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2026-21910?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Ex4000, Juniper Ex4100, Juniper Ex4100-F, Juniper Ex4100-H.

Vulnerability Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on EX4k Series and QFX5k Series platforms allows an unauthenticated network-adjacent attacker flapping an interface to cause traffic between VXLAN Network Identifiers (VNIs) to drop, leading to a Denial of Service (DoS). On all EX4k and QFX5k platforms, a link flap in an EVPN-VXLAN configuration Link Aggregation Group (LAG) results in Inter-VNI traffic dropping when there are multiple load-balanced next-hop routes for the same destination. This issue is only applicable to systems that support EVPN-VXLAN Virtual Port-Link Aggregation Groups (VPLAG), such as the QFX5110, QFX5120, QFX5200, EX4100, EX4300, EX4400, and EX4650. Service can only be restored by restarting the affected FPC via the 'request chassis fpc restart slot <slot-number>' command. This issue affects Junos OS on EX4k and QFX5k Series: * all versions before 21.4R3-S12, * all versions of 22.2 * from 22.4 before 22.4R3-S8, * from 23.2 before 23.2R2-S5, * from 23.4 before 23.4R2-S5, * from 24.2 before 24.2R2-S3, * from 24.4 before 24.4R2.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Juniper	Junos	< 21.4
Juniper	Ex4000	-
Juniper	Ex4100	-
Juniper	Ex4100-F	-
Juniper	Ex4100-H	-
Juniper	Ex4300	-
Juniper	Ex4400	-
Juniper	Ex4600	-
Juniper	Ex4650	-
Juniper	Qfx5110	-
Juniper	Qfx5120	-
Juniper	Qfx5130	-
Juniper	Qfx5200	-
Juniper	Qfx5210	-
Juniper	Qfx5220	-
Juniper	Qfx5230-64Cd	-
Juniper	Qfx5240	-
Juniper	Qfx5241	-
Juniper	Qfx5700	-

Related Weaknesses (CWE)

CWE-754

References

https://kb.juniper.net/JSA106009Vendor Advisory
https://supportportal.juniper.net/JSA106009Vendor Advisory

FAQ

What is CVE-2026-21910?

CVE-2026-21910 is a vulnerability with a CVSS score of 6.5 (MEDIUM). An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on EX4k Series and QFX5k Series platforms allows an unauthentic...

How severe is CVE-2026-21910?

CVE-2026-21910 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-21910?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Ex4000, Juniper Ex4100, Juniper Ex4100-F, Juniper Ex4100-H.