CVE-2026-8781

Source
https://cve.org/CVERecord?id=CVE-2026-8781
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-8781.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-8781
Aliases
Published
2026-05-18T01:45:11.285Z
Modified
2026-07-15T01:48:51.025683976Z
Severity
  • 2.1 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P CVSS Calculator
Summary
omec-project amf handler.go RANConfiguration null pointer dereference
Details

A security flaw has been discovered in omec-project amf up to 2.1.3-dev. The impacted element is the function RANConfiguration of the file ngap/handler.go. The manipulation results in null pointer dereference. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. Upgrading to version 2.2.0 is sufficient to resolve this issue. Upgrading the affected component is recommended. The same pull request fixes multiple security issues.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/8xxx/CVE-2026-8781.json",
    "cwe_ids": [
        "CWE-404",
        "CWE-476"
    ],
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "introduced": "2.1.3-dev"
                },
                {
                    "last_affected": "2.1.3-dev"
                }
            ],
            "source": "AFFECTED_FIELD"
        }
    ],
    "cna_assigner": "VulDB"
}
References

Affected packages

Git / github.com/omec-project/amf

Affected ranges

Type
GIT
Repo
https://github.com/omec-project/amf
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": "REFERENCES"
}

Affected versions

v1.*
v1.0.0
v1.1.0
v1.1.1
v1.2.0
v1.3.0
v1.4.0
v1.4.1
v1.4.2
v1.4.3
v1.4.4
v1.4.5
v1.5.0
v1.5.1
v1.6.0
v1.6.1
v1.6.2
v1.6.3
v1.6.4
v1.6.5
v1.6.6
v1.6.7
v1.7.0
v2.*
v2.0.0
v2.0.1
v2.0.2
v2.1.0
v2.1.1
v2.1.2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-8781.json"