CVE-2026-2522 Open5GS MME esm-build.c memory corruption

A security vulnerability has been detected in Open5GS up to 2.7.6. Impacted is an unknown function of the file /src/mme/esm-build.c of the component MME. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be...

CVE-2026-2522 Open5GS MME esm-build.c memory corruption

A security vulnerability has been detected in Open5GS up to 2.7.6. Impacted is an unknown function of the file /src/mme/esm-build.c of the component MME. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be...

CVE-2026-2522

A security vulnerability has been detected in Open5GS up to 2.7.6. Impacted is an unknown function of the file /src/mme/esm-build.c of the component MME. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be...

CVE-2026-2521

A weakness has been identified in Open5GS up to 2.7.6. This issue affects the function sgwcs5chandlecreatesessionresponse of the component SGW-C. Executing a manipulation can lead to memory corruption. The attack may be performed from remote. The exploit has been made available to the public and...

CVE-2026-2521

A weakness has been identified in Open5GS up to 2.7.6. This issue affects the function sgwcs5chandlecreatesessionresponse of the component SGW-C. Executing a manipulation can lead to memory corruption. The attack may be performed from remote. The exploit has been made available to the public and...

CVE-2026-2521

A weakness has been identified in Open5GS up to 2.7.6. This issue affects the function sgwcs5chandlecreatesessionresponse of the component SGW-C. Executing a manipulation can lead to memory corruption. The attack may be performed from remote. The exploit has been made available to the public and...

CVE-2026-2521 Open5GS SGW-C sgwc_s5c_handle_create_session_response memory corruption

A weakness has been identified in Open5GS up to 2.7.6. This issue affects the function sgwcs5chandlecreatesessionresponse of the component SGW-C. Executing a manipulation can lead to memory corruption. The attack may be performed from remote. The exploit has been made available to the public and...

CVE-2026-2521 Open5GS SGW-C sgwc_s5c_handle_create_session_response memory corruption

A weakness has been identified in Open5GS up to 2.7.6. This issue affects the function sgwcs5chandlecreatesessionresponse of the component SGW-C. Executing a manipulation can lead to memory corruption. The attack may be performed from remote. The exploit has been made available to the public and...

CVE-2026-2521

Open5GS SGW-C sgwc_s5c_handle_create_session_response memory corruption vulnerability affecting Open5GS up to 2.7.6. Root cause is manipulation of the sgwc_s5c_handle_create_session_response function within SGW-C, with remote exploitation possible and public exploit availability. Impact is memory...

CVE-2026-2517

A security flaw has been discovered in Open5GS up to 2.7.6. This vulnerability affects the function ogsgtp2parsetft in the library lib/gtp/v2/types.c of the component SMF. Performing a manipulation of the argument pf0.content.length results in denial of service. The attack is possible to be carri...

CVE-2026-2517

A security flaw has been discovered in Open5GS up to 2.7.6. This vulnerability affects the function ogsgtp2parsetft in the library lib/gtp/v2/types.c of the component SMF. Performing a manipulation of the argument pf0.content.length results in denial of service. The attack is possible to be carri...

EUVD-2026-5828

A security flaw has been discovered in Open5GS up to 2.7.6. This vulnerability affects the function ogsgtp2parsetft in the library lib/gtp/v2/types.c of the component SMF. Performing a manipulation of the argument pf0.content.length results in denial of service. The attack is possible to be carri...

CVE-2026-2517 Open5GS SMF types.c ogs_gtp2_parse_tft denial of service

A security flaw has been discovered in Open5GS up to 2.7.6. This vulnerability affects the function ogsgtp2parsetft in the library lib/gtp/v2/types.c of the component SMF. Performing a manipulation of the argument pf0.content.length results in denial of service. The attack is possible to be carri...

CVE-2026-2517

Open5GS vulnerable up to version 2.7.6 due to a flaw in the SMF component. The issue is in ogs_gtp2_parse_tft (library lib/gtp/v2/types.c) where manipulating pf[0].content.length can cause a denial of service. Exploitation can be performed remotely, and public proof-of-concept code exists. The vu...

CVE-2026-2517

A security flaw has been discovered in Open5GS up to 2.7.6. This vulnerability affects the function ogsgtp2parsetft in the library lib/gtp/v2/types.c of the component SMF. Performing a manipulation of the argument pf0.content.length results in denial of service. The attack is possible to be carri...

CVE-2026-2517 Open5GS SMF types.c ogs_gtp2_parse_tft denial of service

A security flaw has been discovered in Open5GS up to 2.7.6. This vulnerability affects the function ogsgtp2parsetft in the library lib/gtp/v2/types.c of the component SMF. Performing a manipulation of the argument pf0.content.length results in denial of service. The attack is possible to be carri...

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.6 and earlier contain security vulnerabilities. These vulnerabilities stem from incorrect operations on the function...

PT-2026-8284

A security vulnerability has been detected in Open5GS up to 2.7.6. Impacted is an unknown function of the file /src/mme/esm-build.c of the component MME. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be...

PT-2026-8294

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.7 Description An issue exists in Open5GS up to version 2.7.6 related to the smf gn handle create pdp context request function within the SMF component, specifically in the file /src/smf/gn-handler.c. The...

CVE-2026-2062

A vulnerability was identified in Open5GS up to 2.7.6. This affects the function sgwcs5chandlemodifybearerresponse/sgwcsxahandlesessionmodificationresponse of the component PGW S5U Address Handler. The manipulation leads to null pointer dereference. The attack can be initiated remotely. The explo...