Unchecked Input for Loop Condition in Junos OS - CVE-2026-33800
Published: July 8, 2026
Junos OS
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to unchecked input for loop condition error in the Packet Forwarding Engine (pfe). A remote non-authenticated attacker can cause a Denial-of-Service (DoS).
Micro-BFD session flaps generate respective up/down events which are queued by PFEMAN for processing.
Especially in a Virtual-Chassis (VC) scenario with localitybias configured, processing takes a significant amount of time for each event.