What is the severity of CVE-2026-21911?

CVE-2026-21911 has a CVSS v3 score of 6.5, which is classified as Medium severity.

Is there an exploit available for CVE-2026-21911?

No known public exploits are currently available for CVE-2026-21911.

Is there a patch available for CVE-2026-21911?

Yes, patches are available for CVE-2026-21911. Check the vendor advisories for update instructions.

CVE-2026-21911 - CVE Details, Severity, and Analysis

Published: January 26, 2026

Last updated:2 days ago (January 26, 2026)

Updated January 26, 2026

no major risk factors

An Incorrect Calculation vulnerability in the Layer 2 Control

Protocol

Daemon (l2cpd) of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker flapping the management interface to cause the learning of new MACs over label-switched interfaces (LSI) to stop while generating a flood of logs, resulting in high CPU usage.

When the issue is seen, the following log message will be generated:

op:1 flag:0x6 mac:xx:xx:xx:xx:xx:xx bd:2 ifl:13302 reason:0(REASON_NONE) i-op:6(INTRNL_OP_HW_FORCE_DELETE) status:10 lstatus:10 err:26(GETIFBD_VALIDATE_FAILED) err-reason 4(IFBD_VALIDATE_FAIL_EPOCH_MISMATCH) hw_wr:0x4 ctxsync:0 fwdsync:0 rtt-id:51 p_ifl:0 fwd_nh:0 svlbnh:0 event:- smask:0x100000000 dmask:0x0 mplsmask 0x1 act:0x5800 extf:0x0 pfe-id 0 hw-notif-ifl 13302 programmed-ifl 4294967295 pseudo-vtep underlay-ifl-idx 0 stack:GET_MAC, ALLOCATE_MAC, GET_IFL, GET_IFF, GET_IFBD, STOP,

This issue affects Junos OS Evolved:

all versions before 21.4R3-S7-EVO,
from 22.2 before 22.2R3-S4-EVO,
from 22.3 before 22.3R3-S3-EVO,
from 22.4 before 22.4R3-S2-EVO,
from 23.2 before 23.2R2-S1-EVO,
from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO.

Strobes VI. (2026). CVE-2026-21911 - CVE Details and Analysis. Strobes VI. Retrieved January 29, 2026, from https://vi.strobes.co/cve/CVE-2026-21911

Vendor	Product
Juniper	Junos Os Evolved

NVD: An Incorrect Calculation vulnerability in the Layer 2 Control Protocol Daemon (l2cpd) of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker flapping the management interface to cause the learning of new MACs over label-switched interfaces (LSI) to stop while generating a flood of logs, resulting in high CPU usage. When the issue is seen, the following log message will be generated: op:1 flag:0x6 mac:xx:xx:xx:xx:xx:xx bd:2 ifl:13302 reason:0(REASON_NONE) i-op:6(INTRNL_OP_HW_FORCE_DELETE) status:10 lstatus:10 err:26(GETIFBD_VALIDATE_FAILED) err-reason 4(IFBD_VALIDATE_FAIL_EPOCH_MISMATCH) hw_wr:0x4 ctxsync:0 fwdsync:0 rtt-id:51 p_ifl:0 fwd_nh:0 svlbnh:0 event:- smask:0x100000000 dmask:0x0 mplsmask 0x1 act:0x5800 extf:0x0 pfe-id 0 hw-notif-ifl 13302 programmed-ifl 4294967295 pseudo-vtep underlay-ifl-idx 0 stack:GET_MAC, ALLOCATE_MAC, GET_IFL, GET_IFF, GET_IFBD, STOP, This issue affects Junos OS Evolved: * all versions before 21.4R3-S7-EVO, * from 22.2 before 22.2R3-S4-EVO, * from 22.3 before 22.3R3-S3-EVO, * from 22.4 before 22.4R3-S2-EVO, * from 23.2 before 23.2R2-S1-EVO, * from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO.