CVE-2026-8349

omec-project amf NGAP Message memory corruption

CVSS 5.3 MEDIUMEPSS 0.3%CWE-119

A flaw has been found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGAP Message Handler. Executing a manipulation can lead to memory corruption. The attack can be launched remotely. The exploit has been published and may be used. This patch is called 8a4c33cdda866094f1989bdeff6d8642fce8de8435f89defd66831c97715f5aa. It is best practice to apply a patch to resolve this issue.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P

Affected products

omec-project · amf

public PoCs found — 1

cve_referencegithub.com/omec-project/amf/issues/672unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/omec-project/amf/https://github.com/omec-project/amf/issues/672 https://github.com/omec-project/amf/pull/666 https://hub.docker.com/layers/omecproject/5gc-amf/rel-2.2.1/images/sha256-8a4c33cdda866094f1989bdeff6d8642fce8de8435f89defd66831c97715f5aa https://vuldb.com/submit/811475 https://vuldb.com/vuln/362663 https://vuldb.com/vuln/362663/cti