Critical security vulnerabilities have been patched in Juniper Networks Session Smart Routers and several Atlassian products. A critical authentication bypass vulnerability, identified as CVE-2025-21589, affects Juniper's Session Smart Router, Conductor, and WAN Assurance Managed Routers. Juniper Networks has released a patch to address this flaw, which could allow attackers to bypass authentication and gain control of affected Session Smart Router devices.
Australian software firm Atlassian has also released security patches to address 12 critical and high-severity vulnerabilities across its product suite, including Bamboo, Bitbucket, Confluence, Crowd, and Jira. Among the most severe vulnerabilities fixed is CVE-2024-50379, which has a CVSS score of 9.8 and could lead to remote code execution. Users of these products are strongly advised to apply the available patches as soon as possible to mitigate potential risks.