Openairinterface Oai-cn5g-amf — known CVE vulnerabilities
Every CVE whose affected-product data names Openairinterface Oai-cn5g-amf, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2026-30079 — CVSS 9.8 (critical): In OpenAirInterface V2.2.0 AMF, Out of sequence messages causes incorrect state transition during UE registration procedure. This allows…
CVE-2025-65805 — CVSS 7.5 (high): OpenAirInterface CN5G AMF<=v2.1.9 has a buffer overflow vulnerability in processing NAS messages. Unauthorized remote attackers can launch…
CVE-2025-66786 — CVSS 7.5 (high): OpenAirInterface CN5G AMF<=v2.0.1 There is a logical error when processing JSON format requests. Unauthorized remote attackers can send…
CVE-2026-30075 — CVSS 7.5 (high): OpenAirInterface Version 2.2.0 has a Buffer Overflow vulnerability in processing UplinkNASTransport containing Authentication Response…
CVE-2026-30078 — CVSS 7.5 (high): OpenAirInterface V2.2.0 AMF crashes when it receives an NGAP message with invalid procedure code or invalid PDU-type. For example when the…
CVE-2026-30080 — CVSS 7.5 (high): OpenAirInterface v2.2.0 accepts Security Mode Complete without any integrity protection. Configuration has supported integrity NIA1 and…