CVE-2026-2062

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Open5GS versions up to 2.7.6

Description A flaw exists in Open5GS impacting the sgwc s5c handle modify bearer response/sgwc sxa handle session modification response function within the PGW S5U Address Handler component. This can lead to a null pointer dereference, potentially allowing for remote exploitation. The exploit is publicly available.

Recommendations Apply the patch with identifier f1bbd7b57f831e2a070780a7d8d5d4c73babdb59.

Exploit

Fix

NULL Pointer Dereference

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476CWE-404

Related Identifiers

CVE-2026-2062

Affected Products

Open5Gs

CVE-2026-2062

Weakness Enumeration

Related Identifiers

Affected Products

References · 11