High severity7.5NVD Advisory· Published Apr 30, 2026· Updated May 4, 2026

CVE-2025-56568

Description

Assertion failure vulnerability in the PCO (Protocol Configuration Options) parser in the SMF (Session Management Function) component of Open5GS before v2.7.5 allows remote attackers to cause denial of service via specially crafted NGAP messages containing malformed length fields in protocol configuration data.

Affected products

Open5gs/Open5gsreferences

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/open5gs/open5gs/commit/d7707879c943d2c952235382154d835b5849d54envd
github.com/open5gs/open5gs/issues/3969nvd

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000