QSearchQSearch

CVE-2026-8744

4.3 MEDIUM

A vulnerability was determined in Open5GS up to 2.7.7

Published: 2026-05-17 · Last updated: 2026-05-18

Severity and scoring

CVSS
4.3 MEDIUM
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CWE
CWE-404

Affected products

VendorProduct
open5gsopen5gs

Description

A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function ogs_sbi_subscription_data_add/ogs_sbi_nf_service_add in the library /lib/sbi/context.c of the component NRF. Executing a manipulation can lead to denial of service. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. This patch is called 819db11a08b9736a3576c4f99ceb28f7eb99523a. A patch should be applied to remediate this issue.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-8746 A security flaw has been discovered in Open5GS up to 2.7.7 (4.3 MEDIUM)
  • CVE-2026-8745 A vulnerability was identified in Open5GS up to 2.7.7 (4.3 MEDIUM)
  • CVE-2026-8743 A vulnerability was found in Open5GS up to 2.7.6 (6.3 MEDIUM)
  • CVE-2026-8731 A vulnerability has been found in Open5GS up to 2.7.7 (4.3 MEDIUM)
  • CVE-2026-8730 A flaw has been found in Open5GS up to 2.7.6 (4.3 MEDIUM)

Same CWE

  • CVE-2026-11317 A denial of service security issue exists in the affected product
  • CVE-2026-45174 Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon ini...
  • CVE-2026-47213 Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to ru... (6.5 MEDIUM)
  • CVE-2026-11312 A vulnerability was found in bytedance InfiniStore up to 0.2.33 (3.3 LOW)
  • CVE-2026-10802 A vulnerability was detected in keystonejs keystone up to 20260319 (4.3 MEDIUM)