17 matches found
OpenMetaData - SpEL Injection in PUT /api/v1/policies
OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. CompiledRule::validateExpression is also called from PolicyRepository.prepare. prepare is called from...
CVE-2026-8222
A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcfnbsfmanagementhandleregister of the file src/pcf/nbsf-handler.c of the component sm-policies Endpoint. Such manipulation leads to denial of service. The attack may be performed from remote. The exploit has been...
CVE-2026-8223
A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcfsesssbidiscoverandsend of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The exploit has been made publi...
EUVD-2026-28959
A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcfnbsfmanagementhandleregister of the file src/pcf/nbsf-handler.c of the component sm-policies Endpoint. Such manipulation leads to denial of service. The attack may be performed from remote. The exploit has been...
CVE-2026-8223
A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcfsesssbidiscoverandsend of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The exploit has been made publi...
CVE-2026-8222
A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcfnbsfmanagementhandleregister of the file src/pcf/nbsf-handler.c of the component sm-policies Endpoint. Such manipulation leads to denial of service. The attack may be performed from remote. The exploit has been...
CVE-2026-8223 Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send denial of service
A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcfsesssbidiscoverandsend of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The exploit has been made publi...
CVE-2026-8223
A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcfsesssbidiscoverandsend of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The exploit has been made publi...
CVE-2026-8223
CVE-2026-8223 affects Open5GS up to 2.7.7; the vulnerable component is sm-policies Endpoint, function pcf_sess_sbi_discover_and_send. Manipulation leads to denial of service and can be triggered remotely. An exploit has been publicized. Public details in Red Hat EUVD/NVD entries confirm the issue...
CVE-2026-8222
Open5GS
CVE-2026-8222 Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_management_handle_register denial of service
A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcfnbsfmanagementhandleregister of the file src/pcf/nbsf-handler.c of the component sm-policies Endpoint. Such manipulation leads to denial of service. The attack may be performed from remote. The exploit has been...
PT-2026-39441
A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcf sess sbi discover and send of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The exploit has been made...
Open5GS 安全漏洞
Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from a function in the sm-policies Endpoint called...
PT-2026-39440
Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.8 Description A remote denial of service can be triggered in the sm-policies endpoint. The issue exists within the pcf nbsf management handle register function located in the src/pcf/nbsf-handler.c file...
Open5GS 安全漏洞
Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for Lte/Nr networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from a function in the sm-policies Endpoint component, specifically t...
OpenMetadata Security Vulnerabilities
OpenMetadata is a unified discovery, observability and governance platform powered by a central metadata repository, deep along and seamless team collaboration. A security vulnerability exists in OpenMetadata versions prior to 1.3.1 that stems from a SpEL injection vulnerability in PUT...
PT-2024-2592
Name of the Vulnerable Software and Affected Versions OpenMetadata versions prior to 1.3.1 Description The issue is related to incorrect code generation management in OpenMetadata, which can be exploited to execute arbitrary code remotely. An attacker can send a PUT request to "/api/v1/policies" ...