|
21
|
7.3 |
HIGH
Local
|
juniper
|
junos
|
A UNIX Symbolic Link (Symlink) Following vulnerability in the CLI of Juniper Networks Junos OS allows a local, authenticated attacker with low privileges to escalate their privileges to root which wi…
Update
|
CWE-61
UNIX Symbolic Link (Symlink) Following
|
CVE-2026-21916
|
2026-04-18 03:05 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
22
|
6.5 |
MEDIUM
Network
|
juniper
|
junos
junos_os_evolved
|
An Incorrect Synchronization vulnerability in the management daemon (mgd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based attacker with low privileges to cause a complete Den…
Update
|
CWE-821
Incorrect Synchronization
|
CVE-2026-21919
|
2026-04-18 03:04 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
23
|
6.5 |
MEDIUM
Adjacent
|
juniper
|
junos
junos_os_evolved
|
A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated…
Update
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-33780
|
2026-04-18 02:59 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
24
|
5.8 |
MEDIUM
Network
|
juniper
|
junos
|
An Incorrect Initialization of Resource vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX Series and QFX Series device allows an unauthenticated, network…
Update
|
NVD-CWE-Other
|
CVE-2026-33773
|
2026-04-18 02:56 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
25
|
6.5 |
MEDIUM
Adjacent
|
juniper
|
junos
|
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX and QFX Series devices allow an unauthenticated…
Update
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2026-33781
|
2026-04-18 02:53 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
26
|
6.5 |
MEDIUM
Adjacent
|
juniper
|
junos
|
A Missing Release of Memory after Effective Lifetime vulnerability in the BroadBand Edge subscriber management daemon (bbe-smgd) of Juniper Networks Junos OS on MX Series allows an adjacent, unauthen…
Update
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-33775
|
2026-04-18 02:40 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
27
|
6.5 |
MEDIUM
Adjacent
|
juniper
|
junos
|
A Missing Release of Memory after Effective Lifetime vulnerability in the DHCP daemon (jdhcpd) of Juniper Networks Junos OS on MX Series, allows an adjacent, unauthenticated attacker to cause a memor…
Update
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-33782
|
2026-04-18 02:39 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
28
|
6.5 |
MEDIUM
Network
|
praison
|
praisonai
|
PraisonAI is a multi-agent teams system. Prior to 4.5.128, the _safe_extractall() function in PraisonAI's recipe registry validates archive members against path traversal attacks but performs no chec…
Update
|
CWE-409
Improper Handling of Highly Compressed Data (Data Amplification)
|
CVE-2026-40148
|
2026-04-18 02:38 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
29
|
8.8 |
HIGH
Local
|
juniper
|
junos
|
A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on MX Series allows a local, authenticated user with low privileges to execute specific commands which will lead to a com…
Update
|
CWE-862
Missing Authorization
|
CVE-2026-33785
|
2026-04-18 02:38 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
30
|
3.1 |
LOW
Network
|
beszel
|
beszel
|
Beszel is a server monitoring platform. Prior to 0.18.7, some API endpoints in the Beszel hub accept a user-supplied system ID and proceed without further checks that the user should have access to t…
Update
|
CWE-184
Incomplete Blacklist
|
CVE-2026-40077
|
2026-04-18 02:37 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
