wid-sec-w-2026-1022 · Published 2026-04-08 · View on BSI CERT-Bund ↗

Juniper Patchday April 2026: Multiple Vulnerabilities

CVSS N/A NONE

Risk Summary

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the `INDEX` of `NET-SNMP-VACM-MIB` can cause an out-of-bounds memory access. A user with read-only credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.

CVEs (28)

CVE-2022-24805 CVE-2025-30650 CVE-2025-59969 CVE-2026-21915 CVE-2026-21916 CVE-2026-21919 CVE-2026-33771 CVE-2026-33773 CVE-2026-33774 CVE-2026-33775 CVE-2026-33776 CVE-2026-33778 CVE-2026-33779 CVE-2026-33780 CVE-2026-33781 CVE-2026-33782 CVE-2026-33783 CVE-2026-33784 CVE-2026-33785 CVE-2026-33786 CVE-2026-33787 CVE-2026-33788 CVE-2026-33790 CVE-2026-33791 CVE-2026-33793 CVE-2026-33797 CVE-2026-21904 CVE-2025-13914

Affected Vendors

Juniper

Affected Products (6)

Juniper · Apstra <6.1.1

Juniper · Apstra 6.1.1

Juniper · JUNOS OS

Juniper · JUNOS OS Evolved

Juniper · Junos Space <24.1R5 Patch V3

Juniper · Junos Space 24.1R5 Patch V3

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more