PT-2026-39569 · Open5Gs · Open5Gs

Franklin

·

Published

2026-05-11

·

Updated

2026-05-11

·

CVE-2026-8270

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.8
Description A remote denial of service can be triggered in the SMF component through the manipulation of the ogs nas parse qos rules() function.
Recommendations Update to a version later than 2.7.7. As a temporary workaround, restrict access to the SMF component to minimize the risk of exploitation.

Exploit

Fix

DoS

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-8270

Affected Products

Open5Gs