{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-34761", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-30T19:17:10.225Z", "datePublished": "2026-04-02T19:03:05.307Z", "dateUpdated": "2026-04-03T15:43:40.050Z"}, "containers": {"cna": {"title": "Ella Core Panics Upon NGAP handover failure", "problemTypes": [{"descriptions": [{"cweId": "CWE-476", "lang": "en", "description": "CWE-476: NULL Pointer Dereference", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/ellanetworks/core/security/advisories/GHSA-6gm8-3g4h-w82m", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ellanetworks/core/security/advisories/GHSA-6gm8-3g4h-w82m"}, {"name": "https://github.com/ellanetworks/core/releases/tag/v1.8.0", "tags": ["x_refsource_MISC"], "url": "https://github.com/ellanetworks/core/releases/tag/v1.8.0"}], "affected": [{"vendor": "ellanetworks", "product": "core", "versions": [{"version": "< 1.8.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-02T19:03:05.307Z"}, "descriptions": [{"lang": "en", "value": "Ella Core is a 5G core designed for private networks. Prior to version 1.8.0, Ella Core panics when processing a NGAP handover failure message. An attacker able to cause a gNodeB to send NGAP handover failure messages to Ella Core can crash the process, causing service disruption for all connected subscribers. This issue has been patched in version 1.8.0."}], "source": {"advisory": "GHSA-6gm8-3g4h-w82m", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-03T15:42:35.859554Z", "id": "CVE-2026-34761", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-03T15:43:40.050Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-34761", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-03T15:42:35.859554Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-03T15:43:34.738Z"}}], "cna": {"title": "Ella Core Panics Upon NGAP handover failure", "source": {"advisory": "GHSA-6gm8-3g4h-w82m", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "ellanetworks", "product": "core", "versions": [{"status": "affected", "version": "< 1.8.0"}]}], "references": [{"url": "https://github.com/ellanetworks/core/security/advisories/GHSA-6gm8-3g4h-w82m", "name": "https://github.com/ellanetworks/core/security/advisories/GHSA-6gm8-3g4h-w82m", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/ellanetworks/core/releases/tag/v1.8.0", "name": "https://github.com/ellanetworks/core/releases/tag/v1.8.0", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Ella Core is a 5G core designed for private networks. Prior to version 1.8.0, Ella Core panics when processing a NGAP handover failure message. An attacker able to cause a gNodeB to send NGAP handover failure messages to Ella Core can crash the process, causing service disruption for all connected subscribers. This issue has been patched in version 1.8.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-476", "description": "CWE-476: NULL Pointer Dereference"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-02T19:03:05.307Z"}}}, "cveMetadata": {"cveId": "CVE-2026-34761", "state": "PUBLISHED", "dateUpdated": "2026-04-03T15:43:40.050Z", "dateReserved": "2026-03-30T19:17:10.225Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-02T19:03:05.307Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ellanetworks:ella_core:*:*:*:*:*:*:*:*", "matchCriteriaId": "F79EF764-4DAE-481E-9B49-974F342B1860", "versionEndExcluding": "1.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Ella Core is a 5G core designed for private networks. Prior to version 1.8.0, Ella Core panics when processing a NGAP handover failure message. An attacker able to cause a gNodeB to send NGAP handover failure messages to Ella Core can crash the process, causing service disruption for all connected subscribers. This issue has been patched in version 1.8.0."}], "id": "CVE-2026-34761", "lastModified": "2026-04-07T16:51:35.653", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 4.0, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-04-02T20:16:25.747", "references": [{"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/ellanetworks/core/releases/tag/v1.8.0"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/ellanetworks/core/security/advisories/GHSA-6gm8-3g4h-w82m"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.8.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "core", "source": "cna", "vendor": "ellanetworks"}, "product": "core", "vendor": "ellanetworks"}], "analysis": {"en": {"generated_at": "2026-04-07T23:02:27.081052+00:00", "value": {"mitigation_remediation": ["Upgrade Ella Core to version 1.8.0 or later.", "Verify all instances are running the patched version."], "summary": {"action": "Apply Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "Affected vendor is Ella Networks; product is Ella Core. All versions prior to 1.8.0 are vulnerable. The issue was fixed in release 1.8.0 and later.", "description_and_impact": "Ella Core\u2019s NGAP handover failure handling contains a null pointer dereference that causes the application to panic. Exploitation allows an attacker who can induce a gNodeB to send NGAP handover failure messages to cause a crash, denying all connected subscribers access to network services.", "risk_and_exploitability": "The CVSS score of 5.8 indicates moderate severity. The EPSS score is below 1%, suggesting a low likelihood of exploitation. The flaw is not listed in CISA\u2019s KEV catalog. Attackers would need the ability to influence gNodeB behavior to send NGAP handover failure messages, with no official workaround available other than patching."}}}}, "created": "2026-04-03T07:31:33.075113+00:00", "updated": "2026-04-08T19:55:23.817856+00:00", "vendors": ["ellanetworks", "ellanetworks$PRODUCT$core"]}