Vendor
Ella Core versions prior to 1.6.0 are vulnerable to a denial-of-service attack where a crafted NGAP LocationReport message with a missing `UEPresenceInAreaOfInterestList` can crash the process, disrupting service for all connected subscribers.