Juniper Networks security patch release for CVE-2026-21902
Security Patch Release
Summary
Hide ▲
Show ▼
Juniper Networks has released fixes for CVE-2026-21902 in Junos OS Evolved on PTX Series routers, closing a flaw that could let an unauthenticated attacker run code as root. The vendor says fixed versions are 25.4R1-S1-EVO, 25.4R2-EVO, and 26.2R1-EVO. Administrators that cannot patch immediately should restrict access with firewall filters or ACLs, or disable the vulnerable service.
Related Happenings
Progress LoadMaster CVE-2026-8037 patch release
Security Patch Release
H score52
First: 30.06.2026 10:38
Last: 30.06.2026 10:38
Sources 1
About this happening:
**Progress** published fixed **LoadMaster** versions for **CVE-2026-8037**, closing a **pre-auth root command execution** path on appliances with the API enabled. Administrators r...
Progress LoadMaster CVE-2026-8037 patch release
Security Patch ReleaseAbout this happening: **Progress** published fixed **LoadMaster** versions for **CVE-2026-8037**, closing a **pre-auth root command execution** path on appliances with the API enabled. Administrators r...
SimpleHelp security update for CVE-2026-48558
Security Patch Release
H score65
First: 15.06.2026 23:06
Last: 15.06.2026 23:06
Sources 1
About this happening:
**SimpleHelp** released **5.5.16** and **6.0 RC2** on **June 9** to fix **CVE-2026-48558**, a critical **OIDC** authentication flaw in **SimpleHelp remote management software** th...
SimpleHelp security update for CVE-2026-48558
Security Patch ReleaseAbout this happening: **SimpleHelp** released **5.5.16** and **6.0 RC2** on **June 9** to fix **CVE-2026-48558**, a critical **OIDC** authentication flaw in **SimpleHelp remote management software** th...
Cisco security patch release for CVE-2026-20262
Security Patch Release
H score47
First: 15.06.2026 20:12
Last: 15.06.2026 20:12
Sources 1
About this happening:
**Cisco** released **security updates** for **CVE-2026-20262** in **Catalyst SD-WAN Manager**, covering multiple release trains after the zero-day was exploited to reach **root pr...
Cisco security patch release for CVE-2026-20262
Security Patch ReleaseAbout this happening: **Cisco** released **security updates** for **CVE-2026-20262** in **Catalyst SD-WAN Manager**, covering multiple release trains after the zero-day was exploited to reach **root pr...
SolarWinds Serv-U advisory and mitigations for CVE-2026-28318
Advisory/Mitigation
H score52
First: 06.06.2026 11:14
Last: 06.06.2026 11:14
Sources 1
About this happening:
**SolarWinds Serv-U** mitigation guidance now covers **CVE-2026-28318**, reducing **unauthenticated DoS** risk from specially crafted POST requests. SolarWinds says the flaw is ad...
SolarWinds Serv-U advisory and mitigations for CVE-2026-28318
Advisory/MitigationAbout this happening: **SolarWinds Serv-U** mitigation guidance now covers **CVE-2026-28318**, reducing **unauthenticated DoS** risk from specially crafted POST requests. SolarWinds says the flaw is ad...
Linux distros patch release for Fragnasia (CVE-2026-46300)
Security Patch Release
H score25
First: 14.05.2026 10:34
Last: 14.05.2026 10:34
Sources 1
About this happening:
Linux distros are rolling out **patches** for **CVE-2026-46300**, a high-severity kernel flaw that can let unprivileged local attackers gain **root** on vulnerable Linux systems....
Linux distros patch release for Fragnasia (CVE-2026-46300)
Security Patch ReleaseAbout this happening: Linux distros are rolling out **patches** for **CVE-2026-46300**, a high-severity kernel flaw that can let unprivileged local attackers gain **root** on vulnerable Linux systems....
Timeline
-
26.02.2026 18:42 2 articles · 4mo ago
Juniper Networks publishes fixes for CVE-2026-21902
Mitigation Patch UpdateJuniper Networks published fixes for CVE-2026-21902 affecting Junos OS Evolved on PTX Series routers, a flaw in the On-Box Anomaly Detection framework that could let an unauthenticated attacker reach an externally exposed port, execute code as root, and take full control of an affected device. Fixed releases are 25.4R1-S1-EVO, 25.4R2-EVO, and 26.2R1-EVO, and administrators unable to patch immediately were advised to restrict access with firewall filters or Access Control Lists (ACLs) or disable the vulnerable service with `request pfe anomalies disable`.
Show sources
- Critical Juniper Networks PTX flaw allows full router takeover — www.bleepingcomputer.com — 26.02.2026 18:42
- Critical Juniper Networks PTX flaw allows full router takeover — www.bleepingcomputer.com — 26.02.2026 18:42