QSearchQSearch

CVE-2026-8728

4.3 MEDIUM

A security vulnerability has been detected in Open5GS up to 2.7.7

Published: 2026-05-17 · Last updated: 2026-05-18

Severity and scoring

CVSS
4.3 MEDIUM
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CWE
CWE-404

Affected products

VendorProduct
open5gsopen5gs

Description

A security vulnerability has been detected in Open5GS up to 2.7.7. The impacted element is the function ogs_sbi_discovery_option_parse_plmn_list in the library /lib/sbi/conv.c of the component NRF. Such manipulation of the argument target-plmn-list leads to denial of service. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-8746 A security flaw has been discovered in Open5GS up to 2.7.7 (4.3 MEDIUM)
  • CVE-2026-8745 A vulnerability was identified in Open5GS up to 2.7.7 (4.3 MEDIUM)
  • CVE-2026-8744 A vulnerability was determined in Open5GS up to 2.7.7 (4.3 MEDIUM)
  • CVE-2026-8743 A vulnerability was found in Open5GS up to 2.7.6 (6.3 MEDIUM)
  • CVE-2026-8731 A vulnerability has been found in Open5GS up to 2.7.7 (4.3 MEDIUM)

Same CWE

  • CVE-2026-11317 A denial of service security issue exists in the affected product
  • CVE-2026-45174 Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon ini...
  • CVE-2026-47213 Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to ru... (6.5 MEDIUM)
  • CVE-2026-11312 A vulnerability was found in bytedance InfiniStore up to 0.2.33 (3.3 LOW)
  • CVE-2026-10802 A vulnerability was detected in keystonejs keystone up to 20260319 (4.3 MEDIUM)