AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2025-26265: A segmentation fault in openairinterface5g v2.1.0 allows attackers to cause a Denial of Service (DoS) via a crafted UE C

mediumvulnerability

security

Source: NVD/CVE DatabaseMarch 27, 2025CVE-2025-26265

Summary

CVE-2025-26265 is a bug in openairinterface5g (software for 5G networks) version 2.1.0 that causes a segmentation fault (a crash when the program tries to access memory it shouldn't). Attackers can exploit this by sending a specially crafted UE Context Modification response (a message in the 5G network setup process) to crash the system and cause a Denial of Service (DoS, making the service unavailable to legitimate users). The underlying issue is improper memory buffer handling (the software doesn't properly check the boundaries of memory it's using).

Vulnerability Details

CVSS Score

6.5(medium)

EPSS (30-day exploit probability)

EPSS: 0.2%

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-119

CAPEC (Attack Pattern)

CAPEC-100

Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-26265

First tracked: February 15, 2026 at 08:49 PM

Classified by LLM (prompt v3) · confidence: 95%