CVE-2026-2524

CVSS v3.1

5.3

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions Open5GS version 2.7.6

Description A flaw exists in Open5GS 2.7.6 that can lead to a denial of service. The issue is located within the

mme s11 handle create session response

function of the MME component. This manipulation can be initiated remotely. An exploit for this issue has been published. The project was notified of the problem but has not yet responded.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404

Related Identifiers

CVE-2026-2524

Affected Products

Open5Gs

CVE-2026-2524

Weakness Enumeration

Related Identifiers

Affected Products

References · 10