Out-of-bounds write in Junos OS - CVE-2026-57021
Published: July 8, 2026
Junos OS
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to out-of-bounds write in the http-gatekeeper (http-gk) process when handling specifically formatted requests. A remote attacker can send specially crafted requests to cause a denial of service.
Only devices configured for remote-access VPN with pre-logon compliance checks are vulnerable. The crash can make services depending on web-management unavailable until the process automatically restarts.