CVE-2026-10157

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit is...

CVE-2026-10157

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit is...

CVE-2026-10157 Open5GS NGAP PathSwitchRequest Message ngap-handler.c improper authentication

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit is...

Open5GS 授权问题漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for Lte/Nr networks. Versions of Open5GS 2.7.6 and earlier contained vulnerabilities related to authorization. These vulnerabilities were caused by an unknown function in the file...

CVE-2026-44475

Ella Core is a 5G core designed for private networks. Prior to 1.10.0, Ella Core does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored values. A malicious gNB can overwrite Ella Core's stored UE security capabilities for any UE with...

EUVD-2026-32557

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the AMF in Free5GC does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored values, as mandated by 3GPP TS 33.501 §6.7.3.1. A malicious gNB can overwrite the...

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow in the PathSwitchRequest process. An attacker can cause memory corruption by sending specially crafted requests remotely to the affected component. Remediation Upgrade github.com/omec-project/amf/nas/nassecurity to versi...

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow in the PathSwitchRequest process. An attacker can cause memory corruption by sending specially crafted requests remotely to the affected component. Remediation Upgrade github.com/omec-project/amf/metrics to version 2.2.0...

EUVD-2026-31530

A vulnerability was detected in omec-project amf up to 2.1.1. Affected by this vulnerability is an unknown functionality of the component PathSwitchRequest Handler. The manipulation results in memory corruption. The attack may be launched remotely. The exploit is now public and may be used. It is...

CVE-2026-9298 omec-project amf PathSwitchRequest memory corruption

A vulnerability was detected in omec-project amf up to 2.1.1. Affected by this vulnerability is an unknown functionality of the component PathSwitchRequest Handler. The manipulation results in memory corruption. The attack may be launched remotely. The exploit is now public and may be used. It is...

SUSE CVE-2026-32320

Ella Core is a 5G core designed for private networks. Prior to 1.5.1, Ella Core panics when processing a PathSwitchRequest containing UE Security Capabilities with zero-length NR encryption or integrity protection algorithm bitstrings, resulting in a denial of service. An attacker able to send...

Ella Core 缓冲区错误漏洞

Ella Core is an open-source solution developed by Ella Networks for use in private networks as a 5G core network solution. Versions of Ella Core prior to 1.5.1 contained a buffer error vulnerability. This vulnerability stemmed from a kernel crash that occurred when processing PathSwitchRequest...

CVE-2026-32320

Ella Core is a 5G core designed for private networks. Prior to 1.5.1, Ella Core panics when processing a PathSwitchRequest containing UE Security Capabilities with zero-length NR encryption or integrity protection algorithm bitstrings, resulting in a denial of service. An attacker able to send...

PT-2026-25088

Name of the Vulnerable Software and Affected Versions Ella Core versions prior to 1.5.1 Description Ella Core is a 5G core designed for private networks. The software experiences a panic, leading to a denial of service, when processing a PathSwitchRequest containing UE Security Capabilities with...

EUVD-2025-16728

Malicious code in bioql PyPI...

CVE-2025-5501

A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngaphandlepathswitchrequesttransfer of the file src/smf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to reachable assertion...

CVE-2025-5501

A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngaphandlepathswitchrequesttransfer of the file src/smf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to reachable assertion...

CVE-2025-5501

A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngaphandlepathswitchrequesttransfer of the file src/smf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to reachable assertion...

CVE-2025-5501 Open5GS NGAP PathSwitchRequest Message ngap-handler.c ngap_handle_path_switch_request_transfer assertion

A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngaphandlepathswitchrequesttransfer of the file src/smf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to reachable assertion...