Lucene search
K

17 matches found

Nuclei
Nuclei
added yesterday21 views

OpenMetaData - SpEL Injection in PUT /api/v1/policies

OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. CompiledRule::validateExpression is also called from PolicyRepository.prepare. prepare is called from...

9.4CVSS7.4AI score0.12527EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/12 8:20 a.m.9 views

CVE-2026-8222

A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcfnbsfmanagementhandleregister of the file src/pcf/nbsf-handler.c of the component sm-policies Endpoint. Such manipulation leads to denial of service. The attack may be performed from remote. The exploit has been...

7.5CVSS5.5AI score0.00477EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/11 8:26 p.m.10 views

CVE-2026-8223

A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcfsesssbidiscoverandsend of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The exploit has been made publi...

7.5CVSS5.6AI score0.00477EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/10 3:33 a.m.12 views

EUVD-2026-28959

A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcfnbsfmanagementhandleregister of the file src/pcf/nbsf-handler.c of the component sm-policies Endpoint. Such manipulation leads to denial of service. The attack may be performed from remote. The exploit has been...

6.9CVSS5.3AI score0.00477EPSS
Exploits1References6
NVD
NVD
added 2026/05/10 3:16 a.m.22 views

CVE-2026-8223

A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcfsesssbidiscoverandsend of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The exploit has been made publi...

7.5CVSS0.00477EPSS
Exploits1References5
NVD
NVD
added 2026/05/10 3:16 a.m.26 views

CVE-2026-8222

A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcfnbsfmanagementhandleregister of the file src/pcf/nbsf-handler.c of the component sm-policies Endpoint. Such manipulation leads to denial of service. The attack may be performed from remote. The exploit has been...

7.5CVSS0.00477EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/05/10 2:45 a.m.7 views

CVE-2026-8223 Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send denial of service

A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcfsesssbidiscoverandsend of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The exploit has been made publi...

6.9CVSS5.6AI score0.00477EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/05/10 2:45 a.m.5 views

CVE-2026-8223

A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcfsesssbidiscoverandsend of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The exploit has been made publi...

6.9CVSS5.6AI score0.00477EPSS
Exploits1References5
CVE
CVE
added 2026/05/10 2:45 a.m.23 views

CVE-2026-8223

CVE-2026-8223 affects Open5GS up to 2.7.7; the vulnerable component is sm-policies Endpoint, function pcf_sess_sbi_discover_and_send. Manipulation leads to denial of service and can be triggered remotely. An exploit has been publicized. Public details in Red Hat EUVD/NVD entries confirm the issue...

7.5CVSS5.6AI score0.00477EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/05/10 2:30 a.m.24 views

CVE-2026-8222

Open5GS

7.5CVSS5.5AI score0.00477EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/05/10 2:30 a.m.48 views

CVE-2026-8222 Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_management_handle_register denial of service

A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcfnbsfmanagementhandleregister of the file src/pcf/nbsf-handler.c of the component sm-policies Endpoint. Such manipulation leads to denial of service. The attack may be performed from remote. The exploit has been...

6.9CVSS0.00477EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.13 views

PT-2026-39441

A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcf sess sbi discover and send of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The exploit has been made...

6.9CVSS5.6AI score0.00477EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/05/10 12:0 a.m.25 views

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from a function in the sm-policies Endpoint called...

7.5CVSS6.1AI score0.00477EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.14 views

PT-2026-39440

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.8 Description A remote denial of service can be triggered in the sm-policies endpoint. The issue exists within the pcf nbsf management handle register function located in the src/pcf/nbsf-handler.c file...

7.5CVSS6.1AI score0.00477EPSS
Exploits1References11
CNNVD
CNNVD
added 2026/05/10 12:0 a.m.16 views

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for Lte/Nr networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from a function in the sm-policies Endpoint component, specifically t...

7.5CVSS6.1AI score0.00477EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/03/15 12:0 a.m.6 views

OpenMetadata Security Vulnerabilities

OpenMetadata is a unified discovery, observability and governance platform powered by a central metadata repository, deep along and seamless team collaboration. A security vulnerability exists in OpenMetadata versions prior to 1.3.1 that stems from a SpEL injection vulnerability in PUT...

9.4CVSS7.5AI score0.12527EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/03/15 12:0 a.m.11 views

PT-2024-2592

Name of the Vulnerable Software and Affected Versions OpenMetadata versions prior to 1.3.1 Description The issue is related to incorrect code generation management in OpenMetadata, which can be exploited to execute arbitrary code remotely. An attacker can send a PUT request to "/api/v1/policies" ...

9.7CVSS9.6AI score0.12527EPSS
Exploits0References23
Rows per page
Query Builder