HIGH🇵🇱 Wersja polska

CVE-2026-30078

CVSS 7.5v3.1pub. 2026-04-06upd. 2026-04-10

OpenAirInterface V2.2.0 AMF crashes when it receives an NGAP message with invalid procedure code or invalid PDU-type. For example when the message specification requires InitiatingMessage but sent with successfulOutcome.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Openairinterface Oai Cn5g Amf

    APP
    Openairinterface
    2.2.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-30079CRITICAL9.8PL ✓ten sam produkt

Pominięcie uwierzytelniania w OpenAirInterface AMF (OAI-CN5G) przez błąd stanów rejestracji UE

CVE-2026-30075HIGH7.5ten sam produkt

OpenAirInterface Version 2.2.0 has a Buffer Overflow vulnerability in processing UplinkNASTransport containing...

CVE-2026-30080HIGH7.5ten sam produkt

OpenAirInterface v2.2.0 accepts Security Mode Complete without any integrity protection. Configuration has sup...

CVE-2025-65805HIGH7.5ten sam produkt

OpenAirInterface CN5G AMF<=v2.1.9 has a buffer overflow vulnerability in processing NAS messages. Unauthorized...

CVE-2025-66786HIGH7.5ten sam produkt

OpenAirInterface CN5G AMF<=v2.0.1 There is a logical error when processing JSON format requests. Unauthorized ...

CVE-2026-30078 — Openairinterface — Oai-Cn5G-Amf — HIGH — CVSS 7.5 | CVEbaza.pl