CVE-2026-9298
6.3 MEDIUMA vulnerability was detected in omec-project amf up to 2.1.1
Published: 2026-05-23 · Last updated: 2026-05-26
Severity and scoring
- CVSS
- 6.3 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
- CWE
- CWE-119
Description
A vulnerability was detected in omec-project amf up to 2.1.1. Affected by this vulnerability is an unknown functionality of the component PathSwitchRequest Handler. The manipulation results in memory corruption. The attack may be launched remotely. The exploit is now public and may be used. It is advisable to implement a patch to correct this issue.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-9298
- [Other]https://github.com/omec-project/amf/
- [Other]https://github.com/omec-project/amf/issues/680
- [Other]https://github.com/omec-project/amf/pull/666
- [Other]https://vuldb.com/submit/811684
- [Other]https://vuldb.com/vuln/365245
- [Other]https://vuldb.com/vuln/365245/cti
Related CVEs
Same CWE
- CVE-2026-12330 — Incorrect boundary conditions in the Internationalization component (5.4 MEDIUM)
- CVE-2026-12329 — Memory safety bug fixed in Thunderbird ESR 140.12 (5.3 MEDIUM)
- CVE-2026-12327 — Memory safety bugs present in Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151 (7.3 HIGH)
- CVE-2026-12326 — Memory safety bugs present in Firefox 151 and Thunderbird 151 (7.3 HIGH)
- CVE-2026-12318 — Incorrect boundary conditions in the Libraries component in NSS (7.3 HIGH)