High severity7.5NVD Advisory· Published Jun 1, 2026· Updated Jun 1, 2026
CVE-2026-37224
CVE-2026-37224
Description
FlexRIC v2.0.0 crashes when receiving a duplicate E2_SETUP_REQUEST from the same or spoofed E2 Node. The iApp registry enforces node ID uniqueness via assert() rather than graceful rejection. A remote unauthenticated attacker can crash the iApp process (port 36421) by sending two E2_SETUP_REQUESTs with the same E2 node configuration, triggering SIGABRT.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1News mentions
1- FlexRIC v2.0.0: Ten High-Severity Assertions and Logic Flaws DisclosedVypr Intelligence · Jun 1, 2026