Lucene search
K

427 matches found

NVD
NVD
added 2026/05/11 12:16 a.m.43 views

CVE-2026-8252

A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function smfnsmfhandlecreatedatainhsmf of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized...

6.5CVSS0.00378EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.19 views

PT-2026-39566

A flaw has been found in Open5GS up to 2.7.7. This vulnerability affects the function smf nsmf handle created data in vsmf of the component SMF. This manipulation causes denial of service. The attack may be initiated remotely. The exploit has been published and may be used. The project was inform...

5.3CVSS5.4AI score0.00372EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.9 views

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from the smfnsmfhandleupdatedatainvsmf function in the...

6.5CVSS5.8AI score0.00372EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.10 views

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities; these vulnerabilities stem from the function OpenAPIlistcreate in the SMF component, which may...

6.5CVSS5.8AI score0.00372EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.16 views

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities; these vulnerabilities stem from the smf component’s ogsnasparseqosrules function, which may lead...

6.5CVSS5.8AI score0.0038EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.9 views

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from the function smfnsmfhandlecreatesmcontext in the SMF component,...

6.5CVSS5.8AI score0.00471EPSS
Exploits1References1
NVD
NVD
added 2026/05/10 11:16 p.m.28 views

CVE-2026-8251

A vulnerability was found in Open5GS up to 2.7.7. This impacts the function updateauthorizedpccruleandqos of the file /src/smf/npcf-handler.c of the component SMF. Performing a manipulation results in denial of service. The attack is possible to be carried out remotely. The exploit has been made...

6.5CVSS0.00461EPSS
Exploits1References5
CVE
CVE
added 2026/05/10 11:15 p.m.27 views

CVE-2026-8252

CVE-2026-8252 affects Open5GS up to version 2.7.7, specifically the SMF component and the function smf_nsmf_handle_create_data_in_hsmf . A manipulation in this area can lead to a null pointer dereference , with the attack possible remotely . Public exploitation has been disclosed and is actionabl...

6.5CVSS5.4AI score0.00378EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/10 11:15 p.m.8 views

CVE-2026-8252

A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function smfnsmfhandlecreatedatainhsmf of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized...

5.3CVSS5.4AI score0.00378EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/05/10 11:0 p.m.7 views

CVE-2026-8251

A vulnerability was found in Open5GS up to 2.7.7. This impacts the function updateauthorizedpccruleandqos of the file /src/smf/npcf-handler.c of the component SMF. Performing a manipulation results in denial of service. The attack is possible to be carried out remotely. The exploit has been made...

5.3CVSS5.4AI score0.00461EPSS
Exploits1References5
CVE
CVE
added 2026/05/10 10:45 p.m.19 views

CVE-2026-8250

Open5GS (up to 2.7.7) SMF component contains a vulnerability in the function smf_n4_build_qos_flow_to_modify_list within /src/smf/n4-build.c. The issue allows remote denial of service via manipulation of QoS flow modification logic. Public exploit information exists and exploit maturity is indica...

6.5CVSS5.4AI score0.00372EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/05/10 10:30 p.m.52 views

CVE-2026-8249 Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qos denial of service

A flaw has been found in Open5GS up to 2.7.7. The impacted element is the function updateauthorizedpccruleandqos of the file /src/smf/npcf-handler.c of the component SMF. This manipulation causes denial of service. Remote exploitation of the attack is possible. The exploit has been published and...

5.3CVSS0.00372EPSS
Exploits1References5
CVE
CVE
added 2026/05/10 10:15 p.m.17 views

CVE-2026-8248

CVE-2026-8248 affects Open5GS up to 2.7.7, specifically the SMF component. The issue is in the function update_authorized_pcc_rule_and_qos within /src/smf/npcf-handler.c and results in a denial of service . The vulnerability can be exploited remotely; the exploit is public. No remediation details...

6.5CVSS5.5AI score0.00471EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.22 views

PT-2026-39545

A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function smf nsmf handle create data in hsmf of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The exploit has been publicly disclosed and may be...

5.3CVSS5.4AI score0.00378EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.26 views

PT-2026-39542

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.8 Description A flaw in the SMF component allows remote attackers to cause a denial of service. The issue exists within the update authorized pcc rule and qos function located in the /src/smf/npcf-handler.c file...

5.3CVSS5.8AI score0.00372EPSS
Exploits1References7
CNNVD
CNNVD
added 2026/05/10 12:0 a.m.10 views

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from the updateauthorizedpccruleandqos function in the SMF component...

6.5CVSS5.8AI score0.00372EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.20 views

PT-2026-39543

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.8 Description A remote denial of service issue exists in the SMF component. The problem is located in the smf n4 build qos flow to modify list function within the /src/smf/n4-build.c file. Recommendations Update t...

5.3CVSS5.8AI score0.00372EPSS
Exploits1References9
Snyk
Snyk
added 2026/05/08 10:47 p.m.7 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization through the POST /upi/v1/upNodesLinks handler, which processes attacker-controlled JSON input without authentication or authorization checks. An attacker can terminate the entire process by submitting a crafted...

8.7CVSS5.8AI score0.00364EPSS
Exploits1References4
OSV
OSV
added 2026/05/08 10:47 p.m.10 views

GHSA-44QJ-CGHF-9P97 free5GC's SMF UPI POST /upi/v1/upNodesLinks exits the SMF process on overlapping UE pools (unauthenticated, reachable Fatalf)

Summary free5GC's SMF mounts the UPI management route group without inbound OAuth2 middleware same root cause as free5gc/free5gc887. The POST /upi/v1/upNodesLinks create-or-update handler accepts attacker-controlled JSON and passes it directly into UpNodesFromConfiguration, which calls...

7.5CVSS5.9AI score0.00364EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.12 views

PT-2026-39251

Name of the Vulnerable Software and Affected Versions free5GC versions prior to 4.2.2 Description The Session Management Function SMF in free5GC mounts the UPI management route group without inbound OAuth2 middleware, allowing unauthenticated access. The POST endpoint '/upi/v1/upNodesLinks' accep...

7.5CVSS5.8AI score0.00364EPSS
Exploits1References10
Rows per page
Query Builder