AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-30077: OpenAirInterface V2.2.0 AMF crashes when it fails to decode the message. Not all decode failures result in a crash. But

highvulnerability

security

Source: NVD/CVE DatabaseMarch 30, 2026CVE-2026-30077

Summary

OpenAirInterface V2.2.0 AMF (a component in 5G networks that manages connections) crashes when it encounters certain malformed messages that it cannot decode properly, though not all decoding failures cause a crash. The vulnerability stems from improper input validation (failing to properly check if incoming data is in the correct format before processing it).

Vulnerability Details

CVSS Score

7.5(high)

EPSS (30-day exploit probability)

EPSS: 0.0%

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

network

Attack Complexity

low

Privileges Required

none

User Interaction

none

Disclosure Date

March 30, 2026

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-20

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-30077

First tracked: March 30, 2026 at 08:07 PM

Classified by LLM (prompt v3) · confidence: 95%