CVE-2026-33782

MEDIUM 6.5

Junos OS: MX Series: In specific DHCPv6 scenarios jdhcpd memory increases continuously with subscriber logouts

CVSS Score

6.5

EPSS Score

0.0%

EPSS Percentile

11th

A Missing Release of Memory after Effective Lifetime vulnerability in the DHCP daemon (jdhcpd) of Juniper Networks Junos OS on MX Series, allows an adjacent, unauthenticated attacker to cause a memory leak, that will eventually cause a complete Denial-of-Service (DoS). In a DHCPv6 over PPPoE, or DHCPv6 over VLAN with Active lease query or Bulk lease query scenario, every subscriber logout will leak a small amount of memory. When all available memory has been exhausted, jdhcpd will crash and restart which causes a complete service impact until the process has recovered. The memory usage of jdhcpd can be monitored with: user@host> show system processes extensive | match jdhcpd This issue affects Junos OS: * all versions before 22.4R3-S1, * 23.2 versions before 23.2R2, * 23.4 versions before 23.4R2.

CWE	CWE-401
Vendor	juniper networks
Product	junos os
Published	Apr 9, 2026
Last Updated	Apr 13, 2026

Stay Ahead of the Next One

Get instant alerts for juniper networks junos os

Be the first to know when new medium vulnerabilities affecting juniper networks junos os are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Affected Versions

Juniper Networks / Junos OS

0 < 22.4R3-S1 23.2 < 23.2R2 23.4 < 23.4R2

References

NVD ↗ CVE.org ↗ EPSS Data ↗

kb.juniper.net: https://kb.juniper.net/JSA107820