8.7
CVE-2025-30645 - Junos OS: SRX Series: Transmission of specific control traffic sent out of a DS-Lite tunnel results…
A NULL Pointer Dereference vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an attacker causing specific, valid control traffic to be sent out of a Dual-Stack (DS) Lite tunnel to crash the flowd process, resulting in a Denial of Service (DoS). Continuous t…
7.7
CVE-2025-30644 - Junos OS: EX2300, EX3400, EX4000 Series, QFX5k Series: Receipt of a specific DHCP packet causes FPC…
A Heap-based Buffer Overflow vulnerability in the flexible PIC concentrator (FPC) of Juniper Networks Junos OS on EX2300, EX3400, EX4100, EX4300, EX4300MP, EX4400, EX4600, EX4650-48Y, and QFX5k Series allows an attacker to send a specific DHCP packet to the device, leading to an FPC crash and resta…
8.7
CVE-2025-21601 - Junos OS: SRX and EX Series, MX240, MX480, MX960, QFX5120 Series: When web management is enabled fo…
An Improper Following of Specification by Caller vulnerability in web management (J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC) of Juniper Networks Junos OS on SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series, allows an unauthenticated, network-based attacker, sending genuin…
6
CVE-2025-21597 - Junos OS and Junos OS Evolved: When BGP rib-sharding and update-threading are configured and a peer…
An Improper Check for Unusual or Exceptional Conditions vulnerability in routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, logically adjacent BGP peer to cause Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when BGP…
7.1
CVE-2025-21595 - Junos OS and Junos OS Evolved: In an EVPN-VXLAN scenario specific ARP or NDP packets cause FPC to c…
A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause an FPC to crash, leading to Denial of Service (DoS). On all Junos OS and Junos OS Evolved…
8.7
CVE-2025-21594 - Junos OS: MX Series: In DS-lite and NAT scenario receipt of crafted IPv6 traffic causes port block
An Improper Check for Unusual or Exceptional Conditions vulnerability in the pfe (packet forwarding engine) of Juniper Networks Junos OS on MX Series causes a port within a pool to be blocked leading to Denial of Service (DoS). In a DS-Lite (Dual-Stack Lite) and NAT (Network Address Translation) s…
7.1
CVE-2025-21591 - Junos OS: An unauthenticated adjacent attacker sending a malformed DHCP packet causes jdhcpd to cra…
A Buffer Access with Incorrect Length Value vulnerability in the jdhcpd daemon of Juniper Networks Junos OS, when DHCP snooping is enabled, allows an unauthenticated, adjacent, attacker to send a DHCP packet with a malformed DHCP option to cause jdhcp to crash creating a Denial of Service (DoS) con…
5.3
CVE-2025-26888 - WordPress WooCommerce Multilingual & Multicurrency plugin <= 5.3.8 - Broken Access Control vulnerab…
Missing Authorization vulnerability in Amir Helzer WooCommerce Multilingual & Multicurrency woocommerce-multilingual allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through <= 5.3.8.
4.3
CVE-2025-26902 - WordPress Brizy Pro plugin <= 2.6.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Brizy Brizy Pro allows Cross Site Request Forgery.This issue affects Brizy Pro: from n/a through 2.6.1.
4.3
CVE-2025-26901 - WordPress Brizy Pro plugin <= 2.6.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Brizy Brizy Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brizy Pro: from n/a through 2.6.1.