Primary

Context

Salt Junos Execution Module Unsafe YAML Processing Leading to Code Execution Vulnerability

Vulnerability

A vulnerability exists in the Junos execution module of Salt due to improper handling of YAML decoding. This flaw allows a specially crafted YAML payload to be processed in a way that could execute unintended code within the Salt process. The issue arises from the execution module's use of an unsafe YAML load function, which can lead to arbitrary code execution.

Impact

Exploitation of this vulnerability could result in arbitrary code execution under the context of the Salt process.

Remediation

Users can upgrade to Salt version 3006.18 or later, where this vulnerability has been addressed.

Added: Jan 30, 2026, 7:19 PM

Updated: Jan 30, 2026, 7:19 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.3

remediation

0.0

relevance

2.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.3

remediation

0.0

relevance

2.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Salt Junos Execution Module Unsafe YAML Processing Leading to Code Execution Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating