CVE-2026-8268

A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function OpenAPI_list_create of the component SMF. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The project was informed o...

medium 4.3 CVSS 3.1

Published: May 11, 2026

Modified: May 12, 2026

Vendor: Open5Gs

Product: Open5Gs

Description

A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function OpenAPI_list_create of the component SMF. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

References

https://github.com/open5gs/open5gs/
https://github.com/open5gs/open5gs/issues/4449
https://vuldb.com/submit/808485
https://vuldb.com/vuln/362565
https://vuldb.com/vuln/362565/cti

Related CVEs

CVSS Breakdown

Version	3.1
Score	4.3 / 10
Severity	medium

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Weakness (CWE)

CWE-404

Affected Product

Vendor	Open5Gs
Product	Open5Gs