Lucene search
K

55 matches found

CVE
CVE
added yesterday6 views

CVE-2026-15194

Open5GS 2.7.7 has a use-after-free in AMF code via amf_context_final (src/amf/context.c). Exploitation requires local access, and public exploit code exists. Affects AMF component; no other details on vulnerable versions beyond 2.7.7 are provided. The provided documents do not specify a CVSS vect...

4.8CVSS5.6AI score
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:36 p.m.10 views

CVE-2026-41136

free5GC AMF provides Access & Mobility Management Function AMF for free5GC, an an open-source project for 5th generation 5G mobile core networks. Prior to version 1.4.3, the HTTPUEContextTransfer handler in internal/sbi/apicommunication.go does not include a default case in the Content-Type switc...

6.9CVSS5.5AI score0.00282EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/23 12:0 a.m.13 views

amf 缓冲区错误漏洞

AMF is an open-source library under Apache License, developed by Free5GC. Versions of AMF prior to 2.1.1 contain a buffer error vulnerability. This vulnerability stems from unknown code in the NGReset Message Handler component, which may lead to memory corruption...

6.5CVSS6.8AI score0.00228EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/23 12:0 a.m.11 views

amf 缓冲区错误漏洞

AMF is a control plane function in the Aether SD-Core Project’s open-source 5G core network. Versions of AMF prior to 2.1.1 contained a buffer error vulnerability. This vulnerability originates from the PDUSessionResourceModifyIndication function in the /go/src/amf/ngap/handler.go file, and it...

6.5CVSS6.8AI score0.00228EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/23 12:0 a.m.16 views

PT-2026-42877

Name of the Vulnerable Software and Affected Versions omec-project amf versions prior to 2.1.2 Description A flaw in the PDUSessionResourceModifyIndication function within the /go/src/amf/ngap/handler.go file can lead to memory corruption. This issue allows for remote exploitation. Recommendation...

6.5CVSS6.6AI score0.00228EPSS
Exploits0References13
Github Security Blog
Github Security Blog
added 2026/05/18 6:31 a.m.9 views

AMF Vulnerable to Improper Resource Shutdown or Release

A security vulnerability has been detected in omec-project amf up to 2.1.3-dev. This impacts the function UERadioCapabilityCheckResponse of the file ngap/dispatcher.go. Such manipulation leads to null pointer dereference. The attack can be executed remotely. The exploit has been disclosed publicl...

5.3CVSS5.4AI score0.00398EPSS
Exploits0References9Affected Software1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.8 views

amf 安全漏洞

AMF is an open-source library under the Apache License, developed by Free5GC. Versions of AMF such as 2.1.3-dev and earlier contain security vulnerabilities. These vulnerabilities stem from the operation of the function UERadioCapabilityCheckResponse in the file ngap/dispatcher.go, which leads to...

5.3CVSS5.8AI score0.00398EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.14 views

amf 缓冲区错误漏洞

AMF is an open-source library under the Apache License, developed by Free5GC. Versions of AMF such as 2.1.3-dev and earlier contain a buffer error vulnerability. This vulnerability stems from unknown functions in the ngap/dispatcher.go file within the NGAP Message Handler component, which can lea...

5.3CVSS6AI score0.00303EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.16 views

amf 缓冲区错误漏洞

AMF is an open-source library under Apache License, developed by Free5GC. Versions of AMF prior to 2.1.1 contain a buffer error vulnerability, which stems from issues with the NGAP Message Handler component. This vulnerability may lead to memory corruption...

5.3CVSS6AI score0.00309EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/05 2:20 a.m.7 views

CVE-2026-7706

A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function gmmhandleservicerequest of the file /src/amf/gmm-handler.c of the component AMF. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public a...

5.3CVSS5.3AI score0.00276EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/01 4:45 p.m.4 views

EUVD-2026-26699

A vulnerability has been found in Open5GS up to 2.7.7. This vulnerability affects the function amfnsmfpdusessionhandleupdatesmcontext of the file /src/amf/nsmf-handler.c of the component AMF. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit...

5.3CVSS5.3AI score0.00306EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.12 views

PT-2026-36260

A flaw has been found in Open5GS up to 2.7.7. This issue affects the function amf namf callback handle sdm data change notify of the file /namf-callback/v1/id/sdmsubscription-notify of the component AMF SBI Endpoint. This manipulation of the argument changeItem.newValue causes denial of service...

5.3CVSS5.5AI score0.00364EPSS
Exploits0References6
NVD
NVD
added 2026/04/07 3:17 p.m.11 views

CVE-2026-30079

In OpenAirInterface V2.2.0 AMF, Out of sequence messages causes incorrect state transition during UE registration procedure. This allows authentication to be bypassed completely. If a SecurityModeComplete message is sent after InitialUERegistration, a registration reject is received followed by a...

9.8CVSS0.00526EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/06 3:31 p.m.5 views

EUVD-2026-19237

OpenAirInterface V2.2.0 AMF crashes when it receives an NGAP message with invalid procedure code or invalid PDU-type. For example when the message specification requires InitiatingMessage but sent with successfulOutcome...

7.5CVSS6AI score0.00292EPSS
Exploits1References3
NVD
NVD
added 2026/04/06 2:16 p.m.5 views

CVE-2026-30078

OpenAirInterface V2.2.0 AMF crashes when it receives an NGAP message with invalid procedure code or invalid PDU-type. For example when the message specification requires InitiatingMessage but sent with successfulOutcome...

7.5CVSS0.00292EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.7 views

PT-2026-30603

OpenAirInterface V2.2.0 AMF crashes when it receives an NGAP message with invalid procedure code or invalid PDU-type. For example when the message specification requires InitiatingMessage but sent with successfulOutcome...

7.5CVSS6AI score0.00292EPSS
Exploits1References3
NVD
NVD
added 2026/03/30 6:16 p.m.4 views

CVE-2026-30077

OpenAirInterface V2.2.0 AMF crashes when it fails to decode the message. Not all decode failures result in a crash. But the crash is consistent for particular inputs. An example input in hex stream is 80 00 00 0E 00 00 01 00 0F 80 02 02 40 00 58 00 01 88...

7.5CVSS0.00267EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/30 12:0 a.m.7 views

OpenAirInterface 安全漏洞

OpenAirInterface is a mobile communication network software platform developed by the French company OpenAirInterface. Version OpenAirInterface V2.2.0 contains a security vulnerability; this vulnerability stems from failed decoding of messages, which may lead to an AMF crash...

7.5CVSS5.8AI score0.00267EPSS
Exploits0References3
CVE
CVE
added 2026/03/30 12:0 a.m.9 views

CVE-2026-30077

OpenAirInterface V2.2.0 AMF is affected by a crash when handling certain message decode failures. The issue is not triggered by all decode failures, but is reproducible for specific inputs (example hex stream: 80 00 00 0E 00 00 01 00 0F 80 02 02 40 00 58 00 01 88). Connected sources confirm the p...

7.5CVSS5.9AI score0.00267EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/03/27 8:55 p.m.22 views

CVE-2026-33904 Ella Core has a Denial of Service via SCTP connection cleanup deadlock

Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, a deadlock in the AMF's SCTP notification handler causes the entire AMF control plane to hang until the process is restarted. An attacker with access to the N2 interface can cause Ella Core to hang, resulting in a denia...

6.5CVSS0.00165EPSS
Exploits0References3
Rows per page
Query Builder