🔐 CVE Alert

CVE-2026-57029

MEDIUM 5.3

Junos OS Evolved: QFX Series: When sFlow collector reachability changes evo-pfemand process can crash

CVSS Score
5.3
EPSS Score
0.2%
EPSS Percentile
9th

A Missing Synchronization vulnerability in the flow collector handler of Juniper Networks Junos OS Evolved on QFX Series allows an adjacent, unauthenticated attacker to cause a Denial-of-Service (DoS). When the reachability of an sFlow collector changes, the corresponding next-hop entry is updated. If this update occurs simultaneously with the sFlow thread accessing the next-hop data (which is outside the attackers control), it causes the evo-pfemand process to crash, impacting all traffic forwarding until the automatic process restart has completed. This issue affects Junos OS Evolved on QFX Series: * all 23.2 versions,  * 23.4 versions before 23.4R2-S7-EVO, * 24.2 versions before 24.2R2-S5-EVO, * 24.4 versions before 24.4R2-S3-EVO, * 25.2 versions before 25.2R2-EVO.

CWE CWE-820
Vendor juniper networks
Product junos os evolved
Published Jul 9, 2026
Last Updated Jul 10, 2026
Stay Ahead of the Next One

Get instant alerts for juniper networks junos os evolved

Be the first to know when new medium vulnerabilities affecting juniper networks junos os evolved are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Affected Versions

Juniper Networks / Junos OS Evolved
0 < 23.4R2-S7-EVO 24.2 < 24.2R2-S5-EVO 24.4 < 24.4R2-S3-EVO 25.2 < 25.2R2-EVO

References

NVD ↗ CVE.org ↗ EPSS Data ↗
supportportal.juniper.net: https://supportportal.juniper.net/JSA110089