Lucene search
K

608 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/04 6:0 a.m.9 views

CVE-2026-14618

A vulnerability was detected in Open5GS up to 2.7.7. Affected by this vulnerability is the function amfnnrfhandlenfdiscover of the file src/amf/nnrf-handler.c of the component AMF. The manipulation results in denial of service. The attack may be launched remotely. The exploit is now public and ma...

5.3CVSS5.6AI score0.00316EPSS
Exploits0References8
OSV
OSV
added 2026/07/04 6:0 a.m.2 views

CVE-2026-14618 Open5GS AMF nnrf-handler.c amf_nnrf_handle_nf_discover denial of service

A vulnerability was detected in Open5GS up to 2.7.7. Affected by this vulnerability is the function amfnnrfhandlenfdiscover of the file src/amf/nnrf-handler.c of the component AMF. The manipulation results in denial of service. The attack may be launched remotely. The exploit is now public and ma...

5.3CVSS5.5AI score0.00316EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.13 views

PT-2026-55692

Name of the Vulnerable Software and Affected Versions omec-project amf versions 2.0.2 and 2.1.1 Description A remote manipulation of the NGSetupRequest Handler component within the file /go/src/amf/ngap/handler.go can lead to a denial of service. Recommendations For versions 2.0.2 and 2.1.1, depl...

5.3CVSS5.9AI score0.00317EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.11 views

CVE-2026-7587

A vulnerability has been found in Open5GS up to 2.7.7. This vulnerability affects the function amfnsmfpdusessionhandleupdatesmcontext of the file /src/amf/nsmf-handler.c of the component AMF. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit...

5.3CVSS5AI score0.00306EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:43 p.m.10 views

CVE-2026-8349

A flaw has been found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGAP Message Handler. Executing a manipulation can lead to memory corruption. The attack can be launched remotely. The exploit has been published and may be used. This patch is called...

5.3CVSS5AI score0.00309EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:43 p.m.10 views

CVE-2026-8781

A security flaw has been discovered in omec-project amf up to 2.1.3-dev. The impacted element is the function RANConfiguration of the file ngap/handler.go. The manipulation results in null pointer dereference. The attack may be launched remotely. The exploit has been released to the public and ma...

5.3CVSS4.9AI score0.00303EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:43 p.m.12 views

CVE-2026-8783

A security vulnerability has been detected in omec-project amf up to 2.1.3-dev. This impacts the function UERadioCapabilityCheckResponse of the file ngap/dispatcher.go. Such manipulation leads to null pointer dereference. The attack can be executed remotely. The exploit has been disclosed publicl...

5.3CVSS4.9AI score0.00398EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/02 1:30 a.m.12 views

CVE-2026-10565

A security flaw has been discovered in Open5GS up to 2.7.6. The impacted element is the function gmmstatesecuritymode of the file src/amf/gmm-sm.c of the component NGAP Handover. Performing a manipulation results in race condition. The attack can be initiated remotely. The complexity of an attack...

3.1CVSS5AI score0.00224EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/01 4:3 p.m.17 views

CVE-2026-10156

A vulnerability was determined in Open5GS up to 2.7.7. This affects the function handleamfinfo in the library /lib/sbi/nnrf-handler.c of the component nf-instances Endpoint. Executing a manipulation of the argument nfinfopool can lead to resource consumption. The attack may be performed from...

5.3CVSS5.4AI score0.00277EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/31 12:31 a.m.16 views

EUVD-2026-33472

A vulnerability was determined in Open5GS up to 2.7.7. This affects the function handleamfinfo in the library /lib/sbi/nnrf-handler.c of the component nf-instances Endpoint. Executing a manipulation of the argument nfinfopool can lead to resource consumption. The attack may be performed from...

5.3CVSS5.4AI score0.00277EPSS
Exploits0References6
CVE
CVE
added 2026/05/30 11:45 p.m.26 views

CVE-2026-10156

Open5GS up to 2.7.7 is affected by a vulnerability in nf-instances Endpoint, specifically the handle_amf_info function in /lib/sbi/nnrf-handler.c. A manipulation of the nf_info_pool argument can cause resource consumption, and the attack can be executed remotely. Publicly disclosed exploit and re...

5.3CVSS5.4AI score0.00277EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/30 11:45 p.m.38 views

CVE-2026-10156 Open5GS nf-instances Endpoint nnrf-handler.c handle_amf_info resource consumption

A vulnerability was determined in Open5GS up to 2.7.7. This affects the function handleamfinfo in the library /lib/sbi/nnrf-handler.c of the component nf-instances Endpoint. Executing a manipulation of the argument nfinfopool can lead to resource consumption. The attack may be performed from...

5.3CVSS0.00277EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/30 11:45 p.m.10 views

CVE-2026-10156

A vulnerability was determined in Open5GS up to 2.7.7. This affects the function handleamfinfo in the library /lib/sbi/nnrf-handler.c of the component nf-instances Endpoint. Executing a manipulation of the argument nfinfopool can lead to resource consumption. The attack may be performed from...

5.3CVSS5.4AI score0.00277EPSS
Exploits0References5
OSV
OSV
added 2026/05/30 11:45 p.m.2 views

CVE-2026-10156 Open5GS nf-instances Endpoint nnrf-handler.c handle_amf_info resource consumption

A vulnerability was determined in Open5GS up to 2.7.7. This affects the function handleamfinfo in the library /lib/sbi/nnrf-handler.c of the component nf-instances Endpoint. Executing a manipulation of the argument nfinfopool can lead to resource consumption. The attack may be performed from...

5.3CVSS5.4AI score0.00277EPSS
Exploits0References7
Snyk
Snyk
added 2026/05/27 5:34 p.m.10 views

Improperly Implemented Security Check for Standard

Overview Affected versions of this package are vulnerable to Improperly Implemented Security Check for Standard due to improper enforcement of security rules during concurrent execution of Security Mode Command and N2 handover procedures. An attacker can cause handover failures and disrupt networ...

3.7CVSS5.9AI score0.00134EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/27 5:34 p.m.8 views

Improperly Implemented Security Check for Standard

Overview Affected versions of this package are vulnerable to Improperly Implemented Security Check for Standard due to improper enforcement of security rules during concurrent execution of Security Mode Command and N2 handover procedures. An attacker can cause handover failures and disrupt networ...

3.7CVSS5.9AI score0.00134EPSS
Exploits0References2
NVD
NVD
added 2026/05/27 5:16 p.m.19 views

CVE-2026-44323

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's UDR nudr-dr DELETE /subscription-data/ueId/servingPlmnId/ee-subscriptions/subsId/amf-subscriptions handler contains a nil-pointer dereference reachable from a single authenticated request, after one...

6.5CVSS0.0035EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/05/27 3:59 p.m.11 views

CVE-2026-42081 free5GC: UE Security Capability bypass on NGAP PathSwitchRequest

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the AMF in Free5GC does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored values, as mandated by 3GPP TS 33.501 §6.7.3.1. A malicious gNB can overwrite the...

6.1CVSS5.9AI score0.00266EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 3:45 p.m.13 views

CVE-2026-44323

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's UDR nudr-dr DELETE /subscription-data/ueId/servingPlmnId/ee-subscriptions/subsId/amf-subscriptions handler contains a nil-pointer dereference reachable from a single authenticated request, after one...

4.3CVSS5.8AI score0.0035EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/27 3:45 p.m.9 views

CVE-2026-44323 free5GC: UDR nudr-dr DELETE amf-subscriptions panics on missing subsId when UE state exists (nil pointer dereference)

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's UDR nudr-dr DELETE /subscription-data/ueId/servingPlmnId/ee-subscriptions/subsId/amf-subscriptions handler contains a nil-pointer dereference reachable from a single authenticated request, after one...

4.3CVSS5.8AI score0.0035EPSS
Exploits1References4
Rows per page
Query Builder