CVE-2026-1738

CVSS v3.1

5.3

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions Open5GS versions up to 2.7.6

Description A flaw exists in Open5GS up to version 2.7.6, specifically within the SGWC component. The issue resides in the

sgwc tunnel add

function located in the

/src/sgwc/context.c

file. Manipulation of the

pdr

argument can trigger a reachable assertion, and the attack can be executed remotely. An exploit for this issue has been published.

Recommendations Versions prior to 2.7.6 should be updated.

Exploit

Fix

Assertion Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

CVE-2026-1738

Open5Gs