6.5

CVE-2026-34761

EPSS 0.32%
Veröffentlicht 02.04.2026 19:03:05
Zuletzt bearbeitet 07.04.2026 16:51:35
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Ella Core Panics Upon NGAP handover failure

Ella Core is a 5G core designed for private networks. Prior to version 1.8.0, Ella Core panics when processing a NGAP handover failure message. An attacker able to cause a gNodeB to send NGAP handover failure messages to Ella Core can crash the process, causing service disruption for all connected subscribers. This issue has been patched in version 1.8.0.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ellanetworks ≫ Ella Core Version < 1.8.0

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.32%	0.232

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
security-advisories@github.com	5.8	1.3	4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://github.com/ellanetworks/core/security/advisories/GHSA-6gm8-3g4h-w82m

Vendor Advisory

https://github.com/ellanetworks/core/releases/tag/v1.8.0

Release Notes

https://nvd.nist.gov/vuln/detail/CVE-2026-34761

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-34761

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-34761

EUVD