QSearchQSearch

CVE-2026-8731

4.3 MEDIUM

A vulnerability has been found in Open5GS up to 2.7.7

Published: 2026-05-17 · Last updated: 2026-05-18

Severity and scoring

CVSS
4.3 MEDIUM
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CWE
CWE-404

Affected products

VendorProduct
open5gsopen5gs

Description

A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function ogs_sbi_client_add in the library /lib/sbi/client.c of the component NRF. The manipulation of the argument client_pool leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-8746 A security flaw has been discovered in Open5GS up to 2.7.7 (4.3 MEDIUM)
  • CVE-2026-8745 A vulnerability was identified in Open5GS up to 2.7.7 (4.3 MEDIUM)
  • CVE-2026-8744 A vulnerability was determined in Open5GS up to 2.7.7 (4.3 MEDIUM)
  • CVE-2026-8743 A vulnerability was found in Open5GS up to 2.7.6 (6.3 MEDIUM)
  • CVE-2026-8730 A flaw has been found in Open5GS up to 2.7.6 (4.3 MEDIUM)

Same CWE

  • CVE-2026-11317 A denial of service security issue exists in the affected product
  • CVE-2026-45174 Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon ini...
  • CVE-2026-47213 Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to ru... (6.5 MEDIUM)
  • CVE-2026-11312 A vulnerability was found in bytedance InfiniStore up to 0.2.33 (3.3 LOW)
  • CVE-2026-10802 A vulnerability was detected in keystonejs keystone up to 20260319 (4.3 MEDIUM)