Package impact
GO / github.com/ellanetworks/core
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-44473 | high | 7.1 | 7.1 | 1d ago | Ella Core is a 5G core designed for private networks. Prior to 1.10.0, a radio with a valid NG Setup can send a forged PDUSessionResourceSetupResponse carrying any UE's AMF-UE-NGAP-ID. Ella Core does… | |
| CVE-2026-44475 | medium | 6.1 | 6.1 | 1d ago | Ella Core is a 5G core designed for private networks. Prior to 1.10.0, Ella Core does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored va… | |
| CVE-2026-44474 | low | 3.7 | 3.7 | 1d ago | Ella Core has handover failures during concurrent Security Mode Command |