Openairinterface CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (7 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-30077	2 Eurecom, Openairinterface	2 Oai Cn5g Amf, Openairinterface	2026-04-06	7.5 High
OpenAirInterface V2.2.0 AMF crashes when it fails to decode the message. Not all decode failures result in a crash. But the crash is consistent for particular inputs. An example input in hex stream is 80 00 00 0E 00 00 01 00 0F 80 02 02 40 00 58 00 01 88.
CVE-2025-65805	1 Openairinterface	2 Cn5g Amf, Oai-cn5g-amf	2026-01-29	7.5 High
OpenAirInterface CN5G AMF<=v2.1.9 has a buffer overflow vulnerability in processing NAS messages. Unauthorized remote attackers can launch a denial-of-service attack and potentially execute malicious code by accessing port N1 and sending an imsi string longer than 1000 to AMF.
CVE-2025-66786	1 Openairinterface	2 Cn5g Amf, Oai-cn5g-amf	2026-01-29	7.5 High
OpenAirInterface CN5G AMF<=v2.0.1 There is a logical error when processing JSON format requests. Unauthorized remote attackers can send malicious JSON data to AMF's SBI interface to launch a denial-of-service attack.
CVE-2025-26265	1 Openairinterface	1 Openairinterface5g	2025-04-11	6.5 Medium
A segmentation fault in openairinterface5g v2.1.0 allows attackers to cause a Denial of Service (DoS) via a crafted UE Context Modification response.
CVE-2024-24426	2 Oai Epc Federation, Openairinterface	2 Oai Epc Federation, Magma	2024-12-03	7.5 High
Reachable assertions in the NGAP_FIND_PROTOCOLIE_BY_ID function of OpenAirInterface Magma v1.8.0 and OAI EPC Federation v1.2.0 allow attackers to cause a Denial of Service (DoS) via a crafted NGAP packet.
CVE-2024-24449	1 Openairinterface	1 Cn5g Amf	2024-11-26	6.5 Medium
An uninitialized pointer dereference in the NasPdu::NasPdu component of OpenAirInterface CN5G AMF up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted InitialUEMessage message sent to the AMF.
CVE-2024-24446	1 Openairinterface	1 Cn5g Amf	2024-11-19	6.5 Medium
An uninitialized pointer dereference in OpenAirInterface CN5G AMF up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted InitialContextSetupResponse message sent to the AMF.

Page 1 of 1.