VYPR

Open5gs

by Open5gs

Source repositories

CVEs (173)

  • CVE-2026-8120MedMay 8, 2026
    risk 0.28cvss 4.3epss 0.00

    A flaw has been found in Open5GS up to 2.7.7. The affected element is the function nssf_nnrf_nsselection_handle_get_from_amf_or_vnssf of the file /src/nssf/nnssf-handler.c of the component NSSF. Executing a manipulation can lead to denial of service. The attack can be executed…

  • CVE-2026-7781MedMay 4, 2026
    risk 0.28cvss 4.3epss 0.00

    A security vulnerability has been detected in Open5GS up to 2.7.7. Affected by this issue is the function udm_nudm_uecm_handle_amf_registration_update of the file /src/udm/nudm-handler.c of the component amf-3gpp-access Endpoint. The manipulation leads to denial of service. The…

  • CVE-2026-7780MedMay 4, 2026
    risk 0.28cvss 4.3epss 0.00

    A weakness has been identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function udm_state_operational of the file /src/udm/udm-sm.c of the component smf-registrations Endpoint. Executing a manipulation can lead to denial of service. The attack can be…

  • CVE-2026-7779MedMay 4, 2026
    risk 0.28cvss 4.3epss 0.00

    A security flaw has been discovered in Open5GS up to 2.7.7. Affected is the function udm_nudr_dr_handle_subscription_authentication of the file /src/udm/nudr-handler.c of the component authentication-subscription Endpoint. Performing a manipulation results in denial of service.…

  • CVE-2026-7708MedMay 3, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was determined in Open5GS up to 2.7.7. The affected element is the function ogs_dbi_subscription_data in the library /lib/dbi/subscription.c of the component UDR. This manipulation of the argument supi_id causes denial of service. The attack may be initiated…

  • CVE-2026-7707MedMay 3, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function udr_nudr_dr_handle_subscription_context of the file /src/udr/nudr-handler.c of the component UDR. The manipulation of the argument pei results in denial of service. The attack can be launched remotely.…

  • CVE-2026-7706MedMay 3, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function gmm_handle_service_request of the file /src/amf/gmm-handler.c of the component AMF. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been…

  • CVE-2026-7587MedMay 1, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability has been found in Open5GS up to 2.7.7. This vulnerability affects the function amf_nsmf_pdusession_handle_update_sm_context of the file /src/amf/nsmf-handler.c of the component AMF. The manipulation leads to denial of service. It is possible to initiate the…

  • CVE-2026-7586MedMay 1, 2026
    risk 0.28cvss 4.3epss 0.00

    A weakness has been identified in Open5GS up to 2.7.7. Affected is the function ogs_id_get_value of the file /src/amf/nudm-handler.c of the component AMF. This manipulation causes denial of service. Remote exploitation of the attack is possible. The exploit has been made…

  • CVE-2026-7585MedMay 1, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was determined in Open5GS up to 2.7.7. The impacted element is the function amf_nudm_sdm_handle_provisioned of the file /src/amf/nudm-handler.c of the component AMF. Executing a manipulation can lead to denial of service. The attack can be launched remotely. The…

  • CVE-2026-7583MedMay 1, 2026
    risk 0.28cvss 4.3epss 0.00

    A flaw has been found in Open5GS up to 2.7.7. This issue affects the function bsf_sess_find_by_ipv6prefix of the file /src/bsf/context.c of the component BSF. This manipulation of the argument ipv6Prefix causes denial of service. It is possible to initiate the attack remotely.…

  • CVE-2026-7535MedMay 1, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was found in Open5GS up to 2.7.7. This affects the function amf_namf_comm_handle_registration_status_update_request in the library /lib/app/ogs-init.c of the file /namf-comm/v1/ue-contexts/{ueContextId}/transfer-update. Performing a manipulation of the argument…

  • CVE-2026-7518MedMay 1, 2026
    risk 0.28cvss 4.3epss 0.00

    A flaw has been found in Open5GS up to 2.7.7. This issue affects the function amf_namf_callback_handle_sdm_data_change_notify of the file /namf-callback/v1/{id}/sdmsubscription-notify of the component AMF SBI Endpoint. This manipulation of the argument changeItem.newValue causes…

  • CVE-2026-8186MedMay 9, 2026
    risk 0.27cvss 5.3epss 0.01

    A vulnerability was detected in Open5GS up to 2.7.7. This affects the function ogs_sbi_client_send_via_scp_or_sepp in the library lib/sbi/client.c of the component NF. Performing a manipulation results in out-of-bounds read. The attack is possible to be carried out remotely. The…

  • CVE-2026-4988LowMar 27, 2026
    risk 0.24cvss 3.7epss 0.01

    A security flaw has been discovered in Open5GS 2.7.6. This issue affects the function smf_gx_cca_cb/smf_gy_cca_cb/smf_s6b of the component CCA Message Handler. The manipulation results in denial of service. The attack may be launched remotely. Attacks of this nature are highly…

  • CVE-2026-10116MedMay 30, 2026
    risk 0.21cvss 4.3epss 0.00

    A security flaw has been discovered in Open5GS up to 2.7.7. This vulnerability affects the function ogs_sbi_xact_add in the library /lib/core/ogs-timer.c of the component ue-authentications Endpoint. Performing a manipulation results in denial of service. The attack may be…

  • CVE-2026-8744MedMay 17, 2026
    risk 0.21cvss 4.3epss 0.00

    A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function ogs_sbi_subscription_data_add/ogs_sbi_nf_service_add in the library /lib/sbi/context.c of the component NRF. Executing a manipulation can lead to denial of service. It is possible to launch the…

  • CVE-2026-8730MedMay 17, 2026
    risk 0.21cvss 4.3epss 0.00

    A flaw has been found in Open5GS up to 2.7.6. This impacts the function ogs_sbi_nf_instance_set_id in the library /lib/sbi/context.c of the component NRF. Executing a manipulation of the argument nfInstanceId can lead to denial of service. The attack may be performed from…

  • CVE-2026-8119LowMay 8, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was detected in Open5GS up to 2.7.7. Impacted is the function ogs_sbi_stream_find_by_id in the library /lib/sbi/nghttp2-server.c of the component NSSF. Performing a manipulation results in denial of service. Attacking locally is a requirement. The exploit is now…

  • CVE-2026-7601MedMay 2, 2026
    risk 0.21cvss 4.3epss 0.00

    A vulnerability has been found in Open5GS up to 2.7.6. Affected is an unknown function of the file src/amf/gmm-handler.c of the component AMF. The manipulation of the argument reg_type leads to denial of service. The attack is possible to be carried out remotely. Upgrading to…

Page 3 of 9