CVE-2026-8270

A vulnerability was determined in Open5GS up to 2.7.7. The affected element is the function ogs_nas_parse_qos_rules of the component SMF. Executing a manipulation can lead to denial of service. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The proj...

medium 4.3 CVSS 3.1

Published: May 11, 2026

Modified: May 12, 2026

Vendor: Open5Gs

Product: Open5Gs

Description

A vulnerability was determined in Open5GS up to 2.7.7. The affected element is the function ogs_nas_parse_qos_rules of the component SMF. Executing a manipulation can lead to denial of service. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.

References

Related CVEs

CVSS Breakdown

Version	3.1
Score	4.3 / 10
Severity	medium

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Weakness (CWE)

CWE-404

Affected Product

Vendor	Open5Gs
Product	Open5Gs