Ella Core Panics Upon NGAP handover failure_CVE-2026-34761

5.8 / 10

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H

Description

Ella Core is a 5G core designed for private networks. Prior to version 1.8.0, Ella Core panics when processing a NGAP handover failure message. An attacker able to cause a gNodeB to send NGAP handover failure messages to Ella Core can crash the process, causing service disruption for all connected subscribers. This issue has been patched in version 1.8.0.

Basic Information

ID CVE-2026-34761

Source GitHub_M

Published Apr 2, 2026 at 19:03

Modified Apr 3, 2026 at 15:43

Affected Product

Vendor ellanetworks

Product core

Version < 1.8.0

Affected Versions ellanetworks core < 1.8.0

CWE Classification

CWE-476

References

{
    "lastseen": "",
    "description": "Ella Core is a 5G core designed for private networks. Prior to version 1.8.0, Ella Core panics when processing a NGAP handover failure message. An attacker able to cause a gNodeB to send NGAP handover failure messages to Ella Core can crash the process, causing service disruption for all connected subscribers. This issue has been patched in version 1.8.0.",
    "published": "2026-04-02T19:03:05.307Z",
    "modified": "2026-04-03T15:43:40.050Z",
    "type": "cve",
    "title": "Ella Core Panics Upon NGAP handover failure",
    "source": "GitHub_M",
    "references": "https://github.com/ellanetworks/core/security/advisories/GHSA-6gm8-3g4h-w82m\nhttps://github.com/ellanetworks/core/releases/tag/v1.8.0",
    "id": "CVE-2026-34761",
    "bulletinFamily": "",
    "cwe": [
        "CWE-476"
    ],
    "cvelist": null,
    "sourceData": "ellanetworks core < 1.8.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.8,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "core",
    "version": "< 1.8.0",
    "vendor": "ellanetworks",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}