{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-15T09:27:37.931","vulnerabilities":[{"cve":{"id":"CVE-2026-32320","sourceIdentifier":"security-advisories@github.com","published":"2026-03-13T19:54:42.450","lastModified":"2026-03-19T13:38:45.690","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Ella Core is a 5G core designed for private networks. Prior to 1.5.1, Ella Core panics when processing a PathSwitchRequest containing UE Security Capabilities with zero-length NR encryption or integrity protection algorithm bitstrings, resulting in a denial of service. An attacker able to send crafted NGAP messages to Ella Core can crash the process, causing service disruption for all connected subscribers. No authentication is required. This vulnerability is fixed in 1.5.1."},{"lang":"es","value":"Ella Core es un núcleo 5G diseñado para redes privadas. Antes de la versión 1.5.1, Ella Core entra en pánico al procesar una PathSwitchRequest que contiene capacidades de seguridad de UE con bitstrings de algoritmo de cifrado NR o de protección de integridad de longitud cero, lo que resulta en una denegación de servicio. Un atacante capaz de enviar mensajes NGAP manipulados a Ella Core puede bloquear el proceso, causando interrupción del servicio para todos los suscriptores conectados. No se requiere autenticación. Esta vulnerabilidad está corregida en la versión 1.5.1."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ellanetworks:ella_core:*:*:*:*:*:*:*:*","versionEndExcluding":"1.5.1","matchCriteriaId":"187BCA62-CD29-487C-B2AE-AEEA54452188"}]}]}],"references":[{"url":"https://github.com/ellanetworks/core/security/advisories/GHSA-j478-p7vq-3347","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}