CVE-2026-21902 is a pre-authentication RCE vulnerability in Juniper Networks Junos OS Evolved with a CVSS of 9.8, enabling unauthenticated arbitrary code execution on network infrastructure devices. No CISA KEV listing as of this rollup date and EPSS is at the 51st percentile, but the severity class, attack vector, and design-level root cause characterization from watchTowr Labs warrant immediate prioritization for any organization with Junos OS Evolved in its environment. Affected version ranges must be confirmed against the Juniper Security Advisory before patching. Until patched, restrict management interface access (SSH, NETCONF, J-Web) to out-of-band or allowlisted management networks.