VYPR
Vendor

Open5gs

Products
1
CVEs
173
Across products
173
Status
Private

Products

1

Recent CVEs

173
View all 173 CVEs →
  • CVE-2025-46115HigApr 30, 2026
    risk 0.49cvss 7.5epss 0.00

    An issue in open5gs v.2.7.3 allows a remote attacker to cause a denial of service via a crafted PDU Session Modification Request

  • CVE-2025-56568HigApr 30, 2026
    risk 0.42cvss 7.5epss 0.00

    Assertion failure vulnerability in the PCO (Protocol Configuration Options) parser in the SMF (Session Management Function) component of Open5GS before v2.7.5 allows remote attackers to cause denial of service via specially crafted NGAP messages containing malformed length…

  • CVE-2026-10157HigMay 31, 2026
    risk 0.40cvss 7.3epss 0.00

    A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely.…

  • CVE-2025-15555HigFeb 4, 2026
    risk 0.40cvss 7.3epss 0.01

    A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function hss_ogs_diam_cx_mar_cb of the file src/hss/hss-cx-path.c of the component VoLTE Cx-Test. The manipulation of the argument OGS_KEY_LEN results in stack-based buffer…

  • CVE-2026-8743MedMay 17, 2026
    risk 0.34cvss 6.3epss 0.00

    A vulnerability was found in Open5GS up to 2.7.6. This impacts the function ran_ue_find_by_amf_ue_ngap_id of the file src/amf/context.c of the component AMF/MME. Performing a manipulation results in improper authorization. It is possible to initiate the attack remotely. The…

  • CVE-2026-8226MedMay 10, 2026
    risk 0.34cvss 5.3epss 0.00

    A security flaw has been discovered in Open5GS up to 2.7.7. This vulnerability affects the function ogs_pcc_rule_install_flow_from_media in the library /lib/proto/types.c. The manipulation results in denial of service. The attack can be launched remotely. The exploit has been…

  • CVE-2026-8225MedMay 10, 2026
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was identified in Open5GS up to 2.7.7. This affects the function pcf_npcf_smpolicycontrol_handle_delete of the file src/pcf/sm-sm.c of the component delete Endpoint. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit is…

  • CVE-2026-8224MedMay 10, 2026
    risk 0.34cvss 5.3epss 0.01

    A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function pcf_sess_set_ipv6prefix of the file /src/pcf/context.c of the component PCF. Executing a manipulation of the argument SmPolicyContextData.ipv6AddressPrefix can lead to denial of…

  • CVE-2026-8223MedMay 10, 2026
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcf_sess_sbi_discover_and_send of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The…

  • CVE-2026-8222MedMay 10, 2026
    risk 0.34cvss 5.3epss 0.00

    A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcf_nbsf_management_handle_register of the file src/pcf/nbsf-handler.c of the component sm-policies Endpoint. Such manipulation leads to denial of service. The attack may be performed from remote.…

  • CVE-2026-8187MedMay 9, 2026
    risk 0.34cvss 5.3epss 0.01

    A flaw has been found in Open5GS up to 2.7.7. This impacts the function _gtpv1_u_recv_cb of the file src/upf/gtp-path.c of the component UPF. Executing a manipulation can lead to resource consumption. The attack may be performed from remote. The project was informed of the…

  • CVE-2026-7536MedMay 1, 2026
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was determined in Open5GS up to 2.7.7. This vulnerability affects the function bsf_sess_add_by_ip_address of the file /nbsf-management/v1/pcfBindings of the component BSF. Executing a manipulation of the argument ipv4Addr can lead to denial of service. The attack…

  • CVE-2026-10156MedMay 31, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was determined in Open5GS up to 2.7.7. This affects the function handle_amf_info in the library /lib/sbi/nnrf-handler.c of the component nf-instances Endpoint. Executing a manipulation of the argument nf_info_pool can lead to resource consumption. The attack may…

  • CVE-2026-10117MedMay 30, 2026
    risk 0.28cvss 4.3epss 0.00

    A weakness has been identified in Open5GS up to 2.7.7. This issue affects the function ogs_pool_id_calloc in the library /lib/sbi/nghttp2-server.c. Executing a manipulation can lead to denial of service. The attack may be launched remotely. The exploit has been made available to…

  • CVE-2026-10115MedMay 30, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was identified in Open5GS up to 2.7.7. This affects an unknown part in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. Such manipulation leads to denial of service. The attack can be launched remotely. The exploit is publicly…

  • CVE-2026-10114MedMay 30, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function handle_scp_info in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. This manipulation causes out-of-bounds write. The attack can be initiated remotely. The…

  • CVE-2026-10113MedMay 30, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is an unknown functionality in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. The manipulation results in denial of service. It is possible to launch the attack…

  • CVE-2026-8746MedMay 17, 2026
    risk 0.28cvss 4.3epss 0.00

    A security flaw has been discovered in Open5GS up to 2.7.7. Affected by this issue is the function discover_handler in the library /lib/sbi/nghttp2-server.c of the component NRF. The manipulation results in use after free. The attack can be launched remotely. The exploit has…

  • CVE-2026-8745MedMay 17, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function ogs_timer_add in the library /src/ausf/nausf-handler.c of the component AUSF. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit is…

  • CVE-2026-8731MedMay 17, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function ogs_sbi_client_add in the library /lib/sbi/client.c of the component NRF. The manipulation of the argument client_pool leads to denial of service. It is possible to initiate the attack remotely. The…