CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/06/05 7:43 p.m.•7 views

CVE-2026-8780

A vulnerability was identified in omec-project amf up to 2.1.3-dev. The affected element is an unknown function of the file ngap/dispatcher.go of the component NGAP Message Handler. The manipulation leads to memory corruption. The attack may be initiated remotely. The exploit is publicly availabl...

5.3CVSS5AI score0.00303EPSS

CVE•added 2026/06/02 1:30 a.m.•13 views

CVE-2026-10565

CVE-2026-10565 affects Open5GS up to 2.7.6, in NGAP Handover’s function gmm_state_security_mode (src/amf/gmm-sm.c). The issue is a race condition caused by manipulation, exploitable remotely with high attack complexity and low likelihood of full compromise; impact includes partial availability. T...

3.1CVSS5AI score0.00224EPSS

Vulnrichment•added 2026/06/02 1:30 a.m.•8 views

CVE-2026-10565 Open5GS NGAP Handover gmm-sm.c gmm_state_security_mode race condition

A security flaw has been discovered in Open5GS up to 2.7.6. The impacted element is the function gmmstatesecuritymode of the file src/amf/gmm-sm.c of the component NGAP Handover. Performing a manipulation results in race condition. The attack can be initiated remotely. The complexity of an attack...

3.1CVSS5AI score0.00224EPSS

Positive Technologies•added 2026/06/02 12:0 a.m.•14 views

PT-2026-45683

A security flaw has been discovered in Open5GS up to 2.7.6. The impacted element is the function gmm state security mode of the file src/amf/gmm-sm.c of the component NGAP Handover. Performing a manipulation results in race condition. The attack can be initiated remotely. The complexity of an...

3.1CVSS5AI score0.00224EPSS

Exploits0References9

RedhatCVE•added 2026/06/01 4:3 p.m.•12 views

CVE-2026-10157

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit is...

7.5CVSS5.4AI score0.00419EPSS

Vulnrichment•added 2026/05/31 12:30 a.m.•7 views

CVE-2026-10157 Open5GS NGAP PathSwitchRequest Message ngap-handler.c improper authentication

7.5CVSS6.7AI score0.00419EPSS

Cvelist•added 2026/05/31 12:30 a.m.•40 views

CVE-2026-10157 Open5GS NGAP PathSwitchRequest Message ngap-handler.c improper authentication

7.5CVSS0.00419EPSS

Snyk•added 2026/05/27 5:34 p.m.•5 views

Improperly Implemented Security Check for Standard

Overview Affected versions of this package are vulnerable to Improperly Implemented Security Check for Standard due to improper enforcement of security rules during concurrent execution of Security Mode Command and N2 handover procedures. An attacker can cause handover failures and disrupt networ...

3.7CVSS5.9AI score0.00134EPSS

CVE•added 2026/05/27 3:15 p.m.•12 views

CVE-2026-44475

CVE-2026-44475 affects Ella Core (private 5G core). Prior to version 1.10.0, the PathSwitchRequest handling does not verify UE Security Capabilities against locally stored values, allowing a malicious gNB to overwrite a UE’s security capabilities with arbitrary values via a crafted PathSwitchRequ...

6.1CVSS5.9AI score0.00148EPSS

RedhatCVE•added 2026/05/18 7:59 p.m.•8 views

CVE-2026-8743

A vulnerability was found in Open5GS up to 2.7.6. This impacts the function ranuefindbyamfuengapid of the file src/amf/context.c of the component AMF/MME. Performing a manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit has been made public...

6.5CVSS6.1AI score0.00224EPSS

Exploits1References1

NVD•added 2026/05/18 4:16 a.m.•27 views

CVE-2026-8783

A security vulnerability has been detected in omec-project amf up to 2.1.3-dev. This impacts the function UERadioCapabilityCheckResponse of the file ngap/dispatcher.go. Such manipulation leads to null pointer dereference. The attack can be executed remotely. The exploit has been disclosed publicl...

5.3CVSS0.00398EPSS

Exploits0References7

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the file ngap/handler.go of the component NGAP Message Handler. This manipulation causes null pointer dereference. Remote exploitation of the attack is possible. The exploit has been made available to the...

NULL Pointer Dereference

NULL Pointer Dereference

NULL Pointer Dereference

NULL Pointer Dereference

5.3CVSS5.5AI score0.00303EPSS

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds via an unknown function of the file ngap/dispatcher.go of the component NGAP Message Handler. The manipulation leads to memory corruption. The attack may be initiated remotely. The exploit is publicly available and might b...

5.3CVSS5.5AI score0.00303EPSS

Out-of-Bounds

Snyk•added 2026/05/18 3:45 a.m.•5 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the function RANConfiguration of the file ngap/handler.go. The manipulation results in null pointer dereference. The attack may be launched remotely. The exploit has been released to the public and may be us...

5.3CVSS5.5AI score0.00303EPSS