CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2 days ago•4 views

CVE-2026-10629 CVE-2026-10629

5.7AI score0.00015EPSS

Positive Technologies•added 3 days ago•7 views

PT-2026-45431

FlexRIC v2.0.0 crashes when receiving a RIC SUBSCRIPTION RESPONSE with an unknown ric id that has no corresponding pending event. The near-RT RIC uses assert to enforce the existence of a pending event during response processing. A remote unauthenticated attacker can send a forged RIC SUBSCRIPTIO...

5.8AI score0.00081EPSS

Exploits0References3

OSV•added 3 days ago•2 views

PUB-A-472711335

In WC-Radio, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

6.4AI score

CNNVD•added 3 days ago•2 views

FlexRIC security vulnerabilities

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. Version FlexRIC v2.0.0 contains a security vulnerability. This vulnerability arises from handling RICINDICATION messages that do not contain the ranfuncid field, causing an assert to be triggered or null pointer...

7.5CVSS5.8AI score0.00081EPSS

Exploits1References2

RedhatCVE•added 6 days ago•4 views

CVE-2026-45323

MeshCore Card provides MeshCore Lovelace card for Home Assistant. Prior to 0.3.3, Meshcore node names are rendered without HTML escaping in meshcore-card, allowing any node within direct or indirect repeated radio range to execute arbitrary javascript in the Home Assistant frontend of anyone...

9.6CVSS6.1AI score0.00045EPSS

Exploits1References1

Vulnrichment•added 2026/05/27 3:16 p.m.•5 views

CVE-2026-44473 Ella Core: UE Downlink Redirection via Forged PDUSessionResourceSetupResponse

Ella Core is a 5G core designed for private networks. Prior to 1.10.0, a radio with a valid NG Setup can send a forged PDUSessionResourceSetupResponse carrying any UE's AMF-UE-NGAP-ID. Ella Core does not verify the message arrived on the SCTP association bound to that UE's logical NG-connection,...

7.1CVSS5.8AI score0.00022EPSS

Schneier on Security•added 2026/05/26 3:2 p.m.•9 views

Identifying People Using Wi-Fi Routers

Not identifying people based on their use of Wi-Fi routers, but identifying people using Wi-Fi signals. This is accomplished through what is known as WiFi sensing, or the use of WiFi signals to infer information about a physical environment. When radio signals like WiFi travel through a space, th...

5.8AI score

Exploits0

AstraLinux•added 2026/05/20 5:53 a.m.•9 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Avoid accessing uninitialized arvif-ar during beacon miss During beacon miss handling, ath12k driver iterates over active virtual interfaces vifs and attempts to access the radio object ar via arvif-deflink-ar...

5.5CVSS5.8AI score0.00018EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: NFC: NULLed the dev-rfkill to prevent UAF The commit 3e3b5dfcd16a “NFC: reordered the logic in nfcun,registerdevice” assumes that the deviceisregistered function in the nfcdevup function will help to check when the rfkill is...

7.8CVSS6.5AI score0.00014EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ax25: Fixed the reference count leak issue of the netdevice object. There is a reference count leak issue with the object “netdevice” in the function ax25devdevicedown. When the ax25 device is being shut down, the ax25devdevicedo...

5.5CVSS6AI score0.0002EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: radio-shark: Added endpoint checks The syzbot fuzzer was able to trigger a WARNING message from the radio-shark2 driver: ------------ Cut here ------------ usb 1-1: BOGUS urb xfer, pipe 1 != type 3 WARNING: CPU: 0 PID: 327...

5.5CVSS5.8AI score0.00017EPSS

Github Security Blog•added 2026/05/18 6:31 a.m.•3 views

AMF Vulnerable to Improper Resource Shutdown or Release

A security vulnerability has been detected in omec-project amf up to 2.1.3-dev. This impacts the function UERadioCapabilityCheckResponse of the file ngap/dispatcher.go. Such manipulation leads to null pointer dereference. The attack can be executed remotely. The exploit has been disclosed publicl...

5.3CVSS5.4AI score0.00017EPSS

Exploits0References9Affected Software1

Snyk•added 2026/05/18 5:31 a.m.•2 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the UERadioCapabilityCheckResponse function in the dispatcher.go file. An attacker can cause a denial of service by sending specially crafted remote requests that trigger a null pointer dereference...

Snyk•added 2026/05/18 5:31 a.m.•1 views

NULL Pointer Dereference

Snyk•added 2026/05/18 5:31 a.m.•2 views

NULL Pointer Dereference

Vulnrichment•added 2026/05/18 2:15 a.m.•4 views

CVE-2026-8783 omec-project amf dispatcher.go UERadioCapabilityCheckResponse null pointer dereference

5.3CVSS5.4AI score0.00017EPSS

Exploits0References7

CNNVD•added 2026/05/18 12:0 a.m.•4 views

amf 安全漏洞

AMF is an open-source library under the Apache License, developed by Free5GC. Versions of AMF such as 2.1.3-dev and earlier contain security vulnerabilities. These vulnerabilities stem from the operation of the function UERadioCapabilityCheckResponse in the file ngap/dispatcher.go, which leads to...