CVE-2026-37232

An issue was discovered in OpenAirInterface5G 2.4.0 nr-softmodem in the E2SM-KPM RAN Function's PRB utilization metric calculation. The functions fillRRUPrbTotDl and fillRRUPrbTotUl in openair2/E2AP/RANFUNCTION/O-RAN/ranfunckpmsubs.c lines 182 and 197 compute PRB usage percentages by dividing by...

PT-2026-45511

An issue was discovered in OpenAirInterface5G 2.4.0 nr-softmodem in the E2SM-KPM RAN Function's PRB utilization metric calculation. The functions fill RRU PrbTotDl and fill RRU PrbTotUl in openair2/E2AP/RAN FUNCTION/O-RAN/ran func kpm subs.c lines 182 and 197 compute PRB usage percentages by...

openairinterface5G security vulnerability

openairinterface5G is an open-source implementation of the OAI project, focusing on the research, development, and testing of 5G NR New Radio core networks and access networks. Version 2.4.0 of openairinterface5G contains a security vulnerability. This vulnerability stems from the E2SM-KPM RAN...

CVE-2026-30075

OpenAirInterface Version 2.2.0 has a Buffer Overflow vulnerability in processing UplinkNASTransport containing Authentication Response containing a NAS PDU with oversize response For example 100 byte. The response is decoded by AMF and passed to the AUSF component for verification. AUSF crashes o...

CVE-2026-30078

OpenAirInterface V2.2.0 AMF crashes when it receives an NGAP message with invalid procedure code or invalid PDU-type. For example when the message specification requires InitiatingMessage but sent with successfulOutcome...

CVE-2026-30079

In OpenAirInterface V2.2.0 AMF, Out of sequence messages causes incorrect state transition during UE registration procedure. This allows authentication to be bypassed completely. If a SecurityModeComplete message is sent after InitialUERegistration, a registration reject is received followed by a...

PT-2026-30848

In OpenAirInterface V2.2.0 AMF, Out of sequence messages causes incorrect state transition during UE registration procedure. This allows authentication to be bypassed completely. If a SecurityModeComplete message is sent after InitialUERegistration, a registration reject is received followed by a...

Jamming Attacks on the Random Access Channel in 5G and B5G Networks

Random Access Channel RACH jamming poses a critical security threat to 5G and beyond B5G networks. This paper presents an analytical model for predicting the impact of Msg1 jamming attacks on RACH performance. We use the OpenAirInterface OAI open-source user equipment UE to implement a Msg1 jammi...

CVE-2025-65805

OpenAirInterface CN5G AMF=v2.1.9 has a buffer overflow vulnerability in processing NAS messages. Unauthorized remote attackers can launch a denial-of-service attack and potentially execute malicious code by accessing port N1 and sending an imsi string longer than 1000 to AMF...

PT-2026-1863

Name of the Vulnerable Software and Affected Versions OpenAirInterface CN5G AMF versions through 2.0.1 Description A logical error exists in the processing of JSON format requests. Remote attackers can send malicious JSON data to the AMF's SBI interface, potentially causing a denial-of-service...

OpenAirInterface CN5G AMF 安全漏洞

OpenAirInterface CN5G AMF is an OpenAirInterface open source application. A security vulnerability exists in OpenAirInterface CN5G AMF v2.1.9 and earlier versions, which stems from a buffer overflow when processing NAS messages, and could lead to a denial-of-service attack or execution of malicio...

CVE-2025-65805

CVE-2025-65805 : OpenAirInterface CN5G AMF

CVE-2025-66786

OpenAirInterface CN5G AMF

CVE-2025-26265

A segmentation fault in openairinterface5g v2.1.0 allows attackers to cause a Denial of Service DoS via a crafted UE Context Modification response...

OpenAirInterface CN5G AMF 安全漏洞

OpenAirInterface CN5G AMF is an OpenAirInterface open source application. A security vulnerability exists in OpenAirInterface CN5G AMF v2.0.0 and earlier versions, which stems from mishandling of file descriptors of closed connections, allowing an attacker to cause a denial of service DoS by...

OpenAirInterface CN5G AMF 安全漏洞

OpenAirInterface CN5G AMF is an OpenAirInterface open source application. A security vulnerability exists in OpenAirInterface CN5G AMF v2.0.0 and earlier versions, which stems from the inclusion of a null pointer dereference that allows an attacker with AMF network adjacency access to perform a...

PT-2025-2383 · Unknown · Openairinterface Cn5G Amf

Name of the Vulnerable Software and Affected Versions: OpenAirInterface CN5G AMF oai-cn5g-amf versions up to v2.0.0 Description: The issue is related to improper file descriptor handling for closed connections, which allows attackers to cause a Denial of Service DoS by repeatedly establishing SCT...

PT-2024-20392 · Unknown · Openairinterface Magma +1

Name of the Vulnerable Software and Affected Versions: OpenAirInterface Magma version 1.8.0 OAI EPC Federation version 1.2.0 Description: The issue allows attackers to cause a Denial of Service DoS via a crafted NGAP packet. This is due to reachable assertions in the NGAP FIND PROTOCOLIE BY ID...

PT-2024-20398 · Unknown · Openairinterface Cn5G Amf

Name of the Vulnerable Software and Affected Versions: OpenAirInterface CN5G AMF versions up to 2.0.0 Description: The issue is caused by an uninitialized pointer dereference in the NasPdu::NasPdu component, allowing attackers to cause a Denial of Service DoS via a crafted InitialUEMessage messag...