PT-2026-41536 · Open5Gs · Open5Gs

Ziyulin

·

Published

2026-05-17

·

Updated

2026-05-17

·

CVE-2026-8744

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.8
Description A flaw in the NRF component of the library /lib/sbi/context.c allows a remote attacker to cause a denial of service. The issue exists within the ogs sbi subscription data add() and ogs sbi nf service add() functions.
Recommendations Apply patch 819db11a08b9736a3576c4f99ceb28f7eb99523a to remediate the issue. As a temporary workaround, restrict access to the ogs sbi subscription data add() and ogs sbi nf service add() functions.

Exploit

Fix

DoS

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-404

Related Identifiers

CVE-2026-8744

Affected Products

Open5Gs