QSearchQSearch

CVE-2026-8745

4.3 MEDIUM

A vulnerability was identified in Open5GS up to 2.7.7

Published: 2026-05-17 · Last updated: 2026-05-18

Severity and scoring

CVSS
4.3 MEDIUM
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CWE
CWE-404

Affected products

VendorProduct
open5gsopen5gs

Description

A vulnerability was identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function ogs_timer_add in the library /src/ausf/nausf-handler.c of the component AUSF. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-8746 A security flaw has been discovered in Open5GS up to 2.7.7 (4.3 MEDIUM)
  • CVE-2026-8744 A vulnerability was determined in Open5GS up to 2.7.7 (4.3 MEDIUM)
  • CVE-2026-8743 A vulnerability was found in Open5GS up to 2.7.6 (6.3 MEDIUM)
  • CVE-2026-8731 A vulnerability has been found in Open5GS up to 2.7.7 (4.3 MEDIUM)
  • CVE-2026-8730 A flaw has been found in Open5GS up to 2.7.6 (4.3 MEDIUM)

Same CWE

  • CVE-2026-11317 A denial of service security issue exists in the affected product
  • CVE-2026-45174 Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon ini...
  • CVE-2026-47213 Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to ru... (6.5 MEDIUM)
  • CVE-2026-11312 A vulnerability was found in bytedance InfiniStore up to 0.2.33 (3.3 LOW)
  • CVE-2026-10802 A vulnerability was detected in keystonejs keystone up to 20260319 (4.3 MEDIUM)