5G Core Vulnerability in Ella Core by Ella Networks
CVE-2026-34761

5.8MEDIUM

Key Information:

Vendor: Ellanetworks
Status: Core
Vendor: CVE Published:; 2 April 2026

🔔 Create Ellanetworks Vulnerability Alert

What is CVE-2026-34761?

Ella Core is a 5G core solution intended for private networks. A flaw exists that causes Ella Core to crash upon receiving NGAP handover failure messages. This vulnerability can be exploited if an attacker successfully prompts a gNodeB to send these failure messages, leading to a denial of service for all connected subscribers. The issue has been addressed in version 1.8.0, where the necessary patches have been implemented.

Affected Version(s)

core < 1.8.0

References

https://github.com/ellanetworks/core/security/advisories/...

x_refsource_CONFIRM

https://github.com/ellanetworks/core/releases/tag/v1.8.0

x_refsource_MISC

CVSS V3.1

Score:

5.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 2, 2026
Vulnerability Reserved
Mar 30, 2026

CVE-2026-34761 Data

JSON