CVE-2026-34761

MEDIUM5.8EPSS 0.02%

Ella Core Panics Upon NGAP handover failure

Published: 4/1/2026Modified: 4/6/2026

Description

## Summary Ella Core panics when processing a NGAP handover failure message. ## Impact If an attacker can force a gNodeB to send NGAP handover failure messages to Ella Core, the process will crash, thereby disrupting service for all connected subscribers. ## Fix Improve guards in NGAP handover handlers.

Affected packages (1)

Go/github.com/ellanetworks/corefrom 0, < 1.8.0

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM5.8	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H

References (4)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2026-34761
PATCHhttps://github.com/ellanetworks/core
WEBhttps://github.com/ellanetworks/core/releases/tag/v1.8.0
WEBhttps://github.com/ellanetworks/core/security/advisories/GHSA-6gm8-3g4h-w82m