AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2025-65805: OpenAirInterface CN5G AMF<=v2.1.9 has a buffer overflow vulnerability in processing NAS messages. Unauthorized remote at

highvulnerability

security

Source: NVD/CVE DatabaseJanuary 7, 2026CVE-2025-65805

Summary

OpenAirInterface CN5G AMF (a software component for handling mobile network communications) version 2.1.9 and earlier contains a buffer overflow vulnerability (a memory safety bug where data exceeds allocated space) in how it processes NAS messages (protocol messages used in mobile networks). Remote attackers without authorization can exploit this by sending an unusually long IMSI string (a mobile subscriber identifier) through port N1, potentially crashing the system or running malicious code.

Vulnerability Details

CVSS Score

7.5(high)

EPSS (30-day exploit probability)

EPSS: 0.1%

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-121

CAPEC (Attack Pattern)

CAPEC-100

Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-65805

First tracked: February 15, 2026 at 08:49 PM

Classified by LLM (prompt v3) · confidence: 95%