CVE-2026-37226

Same vendor

• CVE-2026-37234 — FlexRIC v2.0.0 allows a single SCTP connection to bind multiple xapp_ids by sending multiple E42_SETUP_REQUESTs (8.2 HIGH)
• CVE-2026-37235 — FlexRIC v2.0.0 trusts the xapp_id field from E42 message payloads without binding it to the sender's SCTP association (7.5 HIGH)
• CVE-2026-37233 — FlexRIC v2.0.0 contains an authorization bypass in the iApp's xApp isolation mechanism (7.5 HIGH)
• CVE-2026-37231 — FlexRIC v2.0.0 uses a uint16_t counter for xapp_id assignment but stores the value in uint32_t message fields (7.5 HIGH)
• CVE-2026-37230 — FlexRIC v2.0.0 crashes when the near-RT RIC receives a RIC_INDICATION message with a ran_func_id that does not exist in its registry (7.5 HIGH)

Same CWE

• CVE-2025-7018 — Null pointer dereference vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Denial-of-Service of... (5.5 MEDIUM)
• CVE-2026-53463 — ImageMagick is free and open-source software used for editing and manipulating digital images (4.3 MEDIUM)
• CVE-2026-24716 — A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions
• CVE-2026-22899 — A NULL pointer dereference vulnerability has been reported to affect File Station 6 (6.5 MEDIUM)
• CVE-2025-66281 — A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions