Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

93 matches found

RedhatCVE
RedhatCVEadded 2026/06/05 7:46 p.m.7 views

CVE-2026-37221

FlexRIC v2.0.0 crashes when receiving a RICSUBSCRIPTIONRESPONSE with an unknown ricid that has no corresponding pending event. The near-RT RIC uses assert to enforce the existence of a pending event during response processing. A remote unauthenticated attacker can send a forged...

7.5CVSS5.5AI score0.00347EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/06/05 7:46 p.m.12 views

CVE-2026-37225

FlexRIC v2.0.0 crashes when the iApp receives an E42RICSUBSCRIPTIONREQUEST with an empty ricEventTriggerDefinition field. The E42 layer decoder accepts this as valid, but the E2AP encoder asserts a non-empty constraint when forwarding the request. A remote unauthenticated attacker can crash the...

7.5CVSS5.5AI score0.00415EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/06/05 7:45 p.m.9 views

CVE-2026-37220

FlexRIC v2.0.0 crashes when an SCTP association is closed before an E2SETUPREQUEST is sent. The near-RT RIC assumes a mapping between SCTP association and E2 node always exists in the cleanup path and enforces this via assert. A remote unauthenticated attacker can crash the near-RT RIC port 36421...

7.5CVSS5.5AI score0.00347EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/06/02 4:1 p.m.12 views

CVE-2026-37230

FlexRIC v2.0.0 crashes when the near-RT RIC receives a RICINDICATION message with a ranfuncid that does not exist in its registry. The lookup returns NULL, triggering assert in Debug builds SIGABRT or NULL pointer dereference in Release builds SIGSEGV. A remote unauthenticated attacker can crash...

7.5CVSS5.9AI score0.00642EPSS
Exploits1References1
NVD
NVDadded 2026/06/01 7:16 p.m.11 views

CVE-2026-37230

FlexRIC v2.0.0 crashes when the near-RT RIC receives a RICINDICATION message with a ranfuncid that does not exist in its registry. The lookup returns NULL, triggering assert in Debug builds SIGABRT or NULL pointer dereference in Release builds SIGSEGV. A remote unauthenticated attacker can crash...

7.5CVSS0.00642EPSS
Exploits1References2
EUVD
EUVDadded 2026/06/01 6:31 p.m.10 views

EUVD-2026-33697

FlexRIC v2.0.0 contains a reachable assertion in the iApp message dispatcher. The dispatcher validates incoming E2AP messages against a 9-entry whitelist using assert. A remote unauthenticated attacker can send any decodable E2AP PDU with a message type not in the whitelist to crash the iApp...

7.5CVSS5.8AI score0.00437EPSS
Exploits0References3
NVD
NVDadded 2026/06/01 5:16 p.m.12 views

CVE-2026-37225

FlexRIC v2.0.0 crashes when the iApp receives an E42RICSUBSCRIPTIONREQUEST with an empty ricEventTriggerDefinition field. The E42 layer decoder accepts this as valid, but the E2AP encoder asserts a non-empty constraint when forwarding the request. A remote unauthenticated attacker can crash the...

7.5CVSS0.00415EPSS
Exploits0References2
NVD
NVDadded 2026/06/01 5:16 p.m.10 views

CVE-2026-37227

FlexRIC v2.0.0 contains reachable assert0 calls in stub message handlers for whitelisted but unimplemented E2AP message types in the near-RT RIC. A remote unauthenticated attacker can send a decodable E2AP PDU of such a type e.g., E2nodeConfigurationUpdate to crash the near-RT RIC process port...

7.5CVSS0.00415EPSS
Exploits0References2
NVD
NVDadded 2026/06/01 3:16 p.m.11 views

CVE-2026-37221

FlexRIC v2.0.0 crashes when receiving a RICSUBSCRIPTIONRESPONSE with an unknown ricid that has no corresponding pending event. The near-RT RIC uses assert to enforce the existence of a pending event during response processing. A remote unauthenticated attacker can send a forged...

7.5CVSS0.00347EPSS
Exploits0References2
CVE
CVEadded 2026/06/01 12:0 a.m.16 views

CVE-2026-37230

FlexRIC v2.0.0 is vulnerable: when the near-RT RIC processes a RIC_INDICATION containing a ran_func_id not present in its registry, the lookup returns NULL, triggering an assert in Debug builds (SIGABRT) or a NULL pointer dereference in Release builds (SIGSEGV). This allows a remote unauthenticat...

7.5CVSS5.9AI score0.00642EPSS
Exploits1References2Affected Software1
CNNVD
CNNVDadded 2026/06/01 12:0 a.m.7 views

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. Version FlexRIC v2.0.0 contains a security vulnerability. This vulnerability stems from the iApp message distributor using assert for validation of the allowlist, which may allow remote unauthenticated attackers to send...

7.5CVSS5.4AI score0.00437EPSS
Exploits0References2
CNNVD
CNNVDadded 2026/06/01 12:0 a.m.9 views

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. Version FlexRIC v2.0.0 contains a security vulnerability. This vulnerability arises from the use of the assert function to enforce mapping relationships before sending the E2SETUPREQUEST message. This could allow remote...

7.5CVSS5.4AI score0.00347EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/06/01 12:0 a.m.10 views

CVE-2026-37221

FlexRIC v2.0.0 crashes when receiving a RICSUBSCRIPTIONRESPONSE with an unknown ricid that has no corresponding pending event. The near-RT RIC uses assert to enforce the existence of a pending event during response processing. A remote unauthenticated attacker can send a forged...

5.8AI score0.00347EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/06/01 12:0 a.m.10 views

CVE-2026-37227

FlexRIC v2.0.0 contains reachable assert0 calls in stub message handlers for whitelisted but unimplemented E2AP message types in the near-RT RIC. A remote unauthenticated attacker can send a decodable E2AP PDU of such a type e.g., E2nodeConfigurationUpdate to crash the near-RT RIC process port...

5.8AI score0.00415EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/06/01 12:0 a.m.10 views

CVE-2026-37220

FlexRIC v2.0.0 crashes when an SCTP association is closed before an E2SETUPREQUEST is sent. The near-RT RIC assumes a mapping between SCTP association and E2 node always exists in the cleanup path and enforces this via assert. A remote unauthenticated attacker can crash the near-RT RIC port 36421...

5.8AI score0.00347EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/06/01 12:0 a.m.5 views

CVE-2026-37221

FlexRIC v2.0.0 crashes when receiving a RICSUBSCRIPTIONRESPONSE with an unknown ricid that has no corresponding pending event. The near-RT RIC uses assert to enforce the existence of a pending event during response processing. A remote unauthenticated attacker can send a forged...

5.8AI score0.00347EPSS
Exploits0References3
EUVD
EUVDadded 2026/06/01 12:0 a.m.13 views

EUVD-2026-33660

FlexRIC v2.0.0 crashes when receiving a RICSUBSCRIPTIONRESPONSE with an unknown ricid that has no corresponding pending event. The near-RT RIC uses assert to enforce the existence of a pending event during response processing. A remote unauthenticated attacker can send a forged...

7.5CVSS5.8AI score0.00347EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/06/01 12:0 a.m.13 views

PT-2026-45430

FlexRIC v2.0.0 crashes when an SCTP association is closed before an E2 SETUP REQUEST is sent. The near-RT RIC assumes a mapping between SCTP association and E2 node always exists in the cleanup path and enforces this via assert. A remote unauthenticated attacker can crash the near-RT RIC port 364...

5.8AI score0.00347EPSS
Exploits0References3
CVE
CVEadded 2026/06/01 12:0 a.m.17 views

CVE-2026-37223

FlexRIC v2.0.0 contains a reachable assertion in the iApp message dispatcher. The dispatcher validates incoming E2AP messages against a 9-entry whitelist using assert(), allowing a remote unauthenticated attacker to send decodable E2AP PDUs with a type not in the whitelist to crash the iApp proce...

7.5CVSS5.8AI score0.00437EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/06/01 12:0 a.m.28 views

CVE-2026-37230

FlexRIC v2.0.0 crashes when the near-RT RIC receives a RICINDICATION message with a ranfuncid that does not exist in its registry. The lookup returns NULL, triggering assert in Debug builds SIGABRT or NULL pointer dereference in Release builds SIGSEGV. A remote unauthenticated attacker can crash...

0.00642EPSS
Exploits1References2
Rows per page
Query Builder