QSearchQSearch

CVE-2026-8743

6.3 MEDIUM

A vulnerability was found in Open5GS up to 2.7.6

Published: 2026-05-17 · Last updated: 2026-05-19

Severity and scoring

CVSS
6.3 MEDIUM
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CWE
CWE-266, CWE-285

Affected products

VendorProduct
open5gsopen5gs

Description

A vulnerability was found in Open5GS up to 2.7.6. This impacts the function ran_ue_find_by_amf_ue_ngap_id of the file src/amf/context.c of the component AMF/MME. Performing a manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The patch is named 5746b8576cfceec18ed87eb7d8cf11b1fb4cd8b1. It is suggested to install a patch to address this issue.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-8746 A security flaw has been discovered in Open5GS up to 2.7.7 (4.3 MEDIUM)
  • CVE-2026-8745 A vulnerability was identified in Open5GS up to 2.7.7 (4.3 MEDIUM)
  • CVE-2026-8744 A vulnerability was determined in Open5GS up to 2.7.7 (4.3 MEDIUM)
  • CVE-2026-8731 A vulnerability has been found in Open5GS up to 2.7.7 (4.3 MEDIUM)
  • CVE-2026-8730 A flaw has been found in Open5GS up to 2.7.6 (4.3 MEDIUM)

Same CWE

  • CVE-2026-53862 OpenClaw before 2026.5.12 contains a bootstrap token replay vulnerability allowing callers with pending token access to reuse tokens with... (4.2 MEDIUM)
  • CVE-2026-53847 OpenClaw before 2026.5.6 contains a privilege escalation vulnerability in the Active Memory write scope that allows Gateway operators wit... (5.4 MEDIUM)
  • CVE-2026-49780 Customer Privilege Escalation in Dokan <= 5.0.2 versions (8.8 HIGH)
  • CVE-2026-49083 Contributor Privilege Escalation in LatePoint <= 5.5.1 versions (7.5 HIGH)
  • CVE-2026-49063 Unauthenticated Privilege Escalation in Listdom <= 5.5.0 versions (7.3 HIGH)