ByteOS Network

CVE Vulnerability Details :

CVE-2026-9301

PUBLISHED

More Info Official Page

Assigner-VulDB

Assigner Org ID-1af790b2-7ee1-4545-860a-a788eba489b5

Published At-23 May, 2026 | 13:00

Updated At-23 May, 2026 | 13:00

▼CVE Numbering Authority (CNA)

omec-project amf NGReset Message memory corruption

A vulnerability was found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGReset Message Handler. Performing a manipulation results in memory corruption. The attack is possible to be carried out remotely. The exploit has been made public and could be used. It is recommended to apply a patch to fix this issue.

Affected Products

Vendor

omec-project

Product

amf

CPEs

cpe:2.3:a:omec-project:amf:*:*:*:*:*:*:*:*

Modules

NGReset Message Handler

Versions

Affected

2.1.0
2.1.1

Problem Types

Type	CWE ID	Description
CWE	CWE-119	Memory Corruption

Type: CWE

CWE ID: CWE-119

Description: Memory Corruption

Metrics

Version	Base score	Base severity	Vector
4.0	5.3	MEDIUM	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
3.1	6.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
3.0	6.3	MEDIUM	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
2.0	6.5	N/A	AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C

Version: 4.0

Base score: 5.3

Base severity: MEDIUM

Vector:

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Version: 3.1

Base score: 6.3

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

Version: 3.0

Base score: 6.3

Base severity: MEDIUM

Vector:

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

Version: 2.0

Base score: 6.5

Base severity: N/A

Vector:

AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C

Credits

reporter

shovon0203 (VulDB User)

Timeline

Event	Date
Advisory disclosed	2026-05-22 00:00:00
VulDB entry created	2026-05-22 02:00:00
VulDB entry last update	2026-05-22 19:50:16

Event: Advisory disclosed

Date: 2026-05-22 00:00:00

Event: VulDB entry created

Date: 2026-05-22 02:00:00

Event: VulDB entry last update

Date: 2026-05-22 19:50:16

References

Hyperlink	Resource
https://vuldb.com/vuln/365248	vdb-entry
https://vuldb.com/vuln/365248/cti	signature permissions-required
https://vuldb.com/submit/811842	third-party-advisory
https://github.com/omec-project/amf/issues/678	exploit issue-tracking
https://github.com/omec-project/amf/pull/666	issue-tracking patch
https://github.com/omec-project/amf/	product