QSearchQSearch

CVE-2026-8729

4.3 MEDIUM

A vulnerability was detected in Open5GS up to 2.7.7

Published: 2026-05-17 · Last updated: 2026-05-18

Severity and scoring

CVSS
4.3 MEDIUM
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CWE
CWE-404

Affected products

VendorProduct
open5gsopen5gs

Description

A vulnerability was detected in Open5GS up to 2.7.7. This affects an unknown function in the library /lib/sbi/message.c of the component NRF. Performing a manipulation of the argument service-names/snssais results in denial of service. The attack is possible to be carried out remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-8746 A security flaw has been discovered in Open5GS up to 2.7.7 (4.3 MEDIUM)
  • CVE-2026-8745 A vulnerability was identified in Open5GS up to 2.7.7 (4.3 MEDIUM)
  • CVE-2026-8744 A vulnerability was determined in Open5GS up to 2.7.7 (4.3 MEDIUM)
  • CVE-2026-8743 A vulnerability was found in Open5GS up to 2.7.6 (6.3 MEDIUM)
  • CVE-2026-8731 A vulnerability has been found in Open5GS up to 2.7.7 (4.3 MEDIUM)

Same CWE

  • CVE-2026-11317 A denial of service security issue exists in the affected product
  • CVE-2026-45174 Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon ini...
  • CVE-2026-47213 Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to ru... (6.5 MEDIUM)
  • CVE-2026-11312 A vulnerability was found in bytedance InfiniStore up to 0.2.33 (3.3 LOW)
  • CVE-2026-10802 A vulnerability was detected in keystonejs keystone up to 20260319 (4.3 MEDIUM)