{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-9298", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-05-22T17:44:56.483Z", "datePublished": "2026-05-23T10:30:13.713Z", "dateUpdated": "2026-05-23T10:30:13.713Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-05-23T10:30:13.713Z"}, "title": "omec-project amf PathSwitchRequest memory corruption", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "Memory Corruption"}]}], "affected": [{"vendor": "omec-project", "product": "amf", "versions": [{"version": "2.1.0", "status": "affected"}, {"version": "2.1.1", "status": "affected"}], "cpes": ["cpe:2.3:a:omec-project:amf:*:*:*:*:*:*:*:*"], "modules": ["PathSwitchRequest Handler"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in omec-project amf up to 2.1.1. Affected by this vulnerability is an unknown functionality of the component PathSwitchRequest Handler. The manipulation results in memory corruption. The attack may be launched remotely. The exploit is now public and may be used. It is advisable to implement a patch to correct this issue."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C"}}], "timeline": [{"time": "2026-05-22T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-05-22T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-05-22T19:50:09.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "shovon0203 (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/vuln/365245", "name": "VDB-365245 | omec-project amf PathSwitchRequest memory corruption", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/vuln/365245/cti", "name": "VDB-365245 | CTI Indicators (IOB, IOC)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/811684", "name": "Submit #811684 | Linux Foundation Projects SD-Core 2.1.1 Memory Corruption", "tags": ["third-party-advisory"]}, {"url": "https://github.com/omec-project/amf/issues/680", "tags": ["exploit", "issue-tracking"]}, {"url": "https://github.com/omec-project/amf/pull/666", "tags": ["issue-tracking", "patch"]}, {"url": "https://github.com/omec-project/amf/", "tags": ["product"]}]}}}

{}

{}

{"bugzilla": {"description": "AMF: omec-project amf: Memory corruption vulnerability in PathSwitchRequest Handler", "id": "2480897", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480897"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "status": "draft"}, "cwe": "CWE-787", "details": ["A flaw was found in omec-project amf. A remote attacker could exploit an unknown functionality within the PathSwitchRequest Handler component, leading to memory corruption."], "name": "CVE-2026-9298", "package_state": [{"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Not affected", "package_name": "AMF", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}], "public_date": "2026-05-23T10:30:13Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-9298\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-9298\nhttps://github.com/omec-project/amf/\nhttps://github.com/omec-project/amf/issues/680\nhttps://github.com/omec-project/amf/pull/666\nhttps://vuldb.com/submit/811684\nhttps://vuldb.com/vuln/365245\nhttps://vuldb.com/vuln/365245/cti"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "2.1.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "2.1.1"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "amf", "source": "cna", "vendor": "omec-project"}, "product": "amf", "vendor": "omec-project"}], "created": "2026-05-23T12:00:11.899051+00:00", "updated": "2026-05-25T14:00:17.144836+00:00", "vendors": ["omec-project", "omec-project$PRODUCT$amf"]}