CVE-2026-34761

MEDIUM CVSS 5.8 View on NVD ↗

Description

Ella Core is a 5G core designed for private networks. Prior to version 1.8.0, Ella Core panics when processing a NGAP handover failure message. An attacker able to cause a gNodeB to send NGAP handover failure messages to Ella Core can crash the process, causing service disruption for all connected subscribers. This issue has been patched in version 1.8.0.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H

References

https://github.com/ellanetworks/core/releases/tag/v1.8.0
https://github.com/ellanetworks/core/security/advisories/GHSA-6gm8-3g4h-w82m

Published: Apr 02, 2026 20:16 UTC Modified: Apr 03, 2026 16:10 UTC