CVE-2026-23818 – HPE Private 5G Core
“When telecom core systems are exposed, the entire network becomes a target.”
Hewlett Packard Enterprise has released a security patch for CVE-2026-23818 affecting its Private 5G Core platform. This high-severity vulnerability impacts critical network control functions and could allow attackers to interfere with core operations or access sensitive network data. Given the role of 5G core infrastructure, exploitation could disrupt communications or compromise service integrity. The CVSS score is 8.8, which is High severity.
Proof-of-concept code is publicly available, confirming that the vulnerability is actionable and increasing the likelihood of targeted attacks. Organizations running HPE Private 5G Core should treat this as a significant risk to network stability and security.
Key Details
- Affected Product
- Hpe Aruba Networking Private 5g Core
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- Required
- CWE Classification
- CWE-601