Unrated severityNVD Advisory· Published Oct 27, 2025· Updated Oct 29, 2025

Reachable Assertion vulnerability in Open5GS

CVE-2025-41068

Description

Reachable Assertion vulnerability in Open5GS up to version 2.7.6 allows attackers with connectivity to the NRF to cause a denial of service. This is achieved by sending the creation of an NF with an invalid type via SBI and then requesting its data. The NRF executes a check that crashes the process, leaving the discovery service unresponsive.

Affected products

Open5gs/Open5gsllm-fuzzy
Range: <=2.7.6
NewPlane/Open5GSv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

open5gs.org/open5gs/release/2025/07/19/release-v2.7.6.htmlmitrepatch
www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-newplanes-open5gsmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000