Unrated severityNVD Advisory· Published May 23, 2026

omec-project amf NGSetupRequest memory corruption

CVE-2026-9300

Description

A vulnerability has been found in omec-project amf up to 2.1.1. This affects an unknown part of the component NGSetupRequest Handler. Such manipulation leads to memory corruption. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. It is best practice to apply a patch to resolve this issue.

Affected products

Free5gc/Amfinferred2 versions
<=2.1.1+ 1 more
- (no CPE)range: <=2.1.1
- (no CPE)range: <=2.1.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/omec-project/amf/pull/666mitreissue-trackingpatch
github.com/omec-project/amf/issues/679mitreexploitissue-tracking
vuldb.com/submit/811841mitrethird-party-advisory
vuldb.com/vuln/365247mitrevdb-entry
vuldb.com/vuln/365247/ctimitresignaturepermissions-required

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000