AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2025-66786: OpenAirInterface CN5G AMF<=v2.0.1 There is a logical error when processing JSON format requests. Unauthorized remote att

highvulnerability

security

Source: NVD/CVE DatabaseJanuary 7, 2026CVE-2025-66786

Summary

OpenAirInterface CN5G AMF (a component that handles network requests) versions 2.0.1 and earlier contain a logical error in how they process JSON format requests. Unauthorized attackers can exploit this flaw by sending malicious JSON data to the AMF's SBI interface (the system's network communication endpoint) to cause a denial-of-service attack (making the service unavailable to legitimate users).

Vulnerability Details

CVSS Score

7.5(high)

EPSS (30-day exploit probability)

EPSS: 0.1%

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-20

Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-66786

First tracked: February 15, 2026 at 08:49 PM

Classified by LLM (prompt v3) · confidence: 95%