Improper Validation of Syntactic Correctness of Input in Junos OS - CVE-2026-57026
Published: July 8, 2026
Junos OS
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper validation of syntactic correctness of input error in the SIP plugin. A remote non-authenticated attacker can cause a Denial-of-Service (DoS).
If the SIP ALG is enabled on an affected device, the processing of a malformed SIP invite packet will cause a flow processing daemon (flowd) crash and restart.
This leads to a complete service outage until the system has automatically recovered.