CVE-2025-15531

A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwcbeareradd of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The...

EUVD-2026-3136

A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwcbeareradd of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The...

CVE-2025-15531

A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwcbeareradd of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The...

CVE-2025-15531 Open5GS context.c sgwc_bearer_add assertion

A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwcbeareradd of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The...

CVE-2025-15530

A vulnerability was determined in Open5GS up to 2.7.6. This affects the function sgwcs11handlecreateindirectdataforwardingtunnelrequest of the file /src/sgwc/s11-handler.c. Executing a manipulation can lead to reachable assertion. The attack can be executed remotely. The exploit has been publicly...

CVE-2025-15530

A vulnerability was determined in Open5GS up to 2.7.6. This affects the function sgwcs11handlecreateindirectdataforwardingtunnelrequest of the file /src/sgwc/s11-handler.c. Executing a manipulation can lead to reachable assertion. The attack can be executed remotely. The exploit has been publicly...

SUSE-SU-2026:0143-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2025-68276: avahi: reachable assertion in avahiwideareascancache can lead to crash of avahi-daemon bsc1256498. - CVE-2025-68468: avahi: reachable assertion in lookupmulticastcallback can lead to crash of avahi-daemon bsc1256499. -...

CVE-2025-15530 Open5GS s11-handler.c assertion

A vulnerability was determined in Open5GS up to 2.7.6. This affects the function sgwcs11handlecreateindirectdataforwardingtunnelrequest of the file /src/sgwc/s11-handler.c. Executing a manipulation can lead to reachable assertion. The attack can be executed remotely. The exploit has been publicly...

CVE-2025-15530

A vulnerability was determined in Open5GS up to 2.7.6. This affects the function sgwcs11handlecreateindirectdataforwardingtunnelrequest of the file /src/sgwc/s11-handler.c. Executing a manipulation can lead to reachable assertion. The attack can be executed remotely. The exploit has been publicly...

CVE-2025-15530

Open5GS up to version 2.7.6 is affected by a vulnerability in the sgwc_s11_handle_create_indirect_data_forwarding_tunnel_request function within /src/sgwc/s11-handler.c. The issue allows remote manipulation that can lead to a reachable assertion, with exploitation publicly disclosed. Multiple sou...

PT-2026-3362

A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwc bearer add of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The...

Open5GS security vulnerabilities

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.5 and earlier contain security vulnerabilities. These vulnerabilities stem from operations in the sgwcbeareradd function located in the file...

PT-2026-3361

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.7 Description A flaw exists in Open5GS up to version 2.7.6. A manipulation of the sgwc s11 handle create indirect data forwarding tunnel request function within the /src/sgwc/s11-handler.c file can lead to a...

MiracleLinux 7 : krb5-1.15.1-18.el7 (AXSA:2018-2754:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2754:01 advisory. krb5: Authentication bypass by improper validation of certificate EKU and SAN CVE-2017-7562 krb5: Invalid S4U2Self or S4U2Proxy request causes...

Avahi has a reachable assertion in lookup_start

...

Avahi has a reachable assertion in lookup_multicast_callback

...

Avahi has a reachable assertion in avahi_wide_area_scan_cache

...

MiracleLinux 9 : mod_http2-2.0.26-4.el9_6.1 (AXSA:2025-10820:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10820:02 advisory. httpd: modproxyhttp2: untrusted input from a client causes an assertion to fail in the Apache modproxyhttp2 module CVE-2025-49630 Tenable has extracted the...

Reachable Assertion

Overview Affected versions of this package are vulnerable to Reachable Assertion in the lookupmulticastcallback function. An attacker can cause a crash by sending unsolicited announcements containing CNAME resource records that point to resource records with short TTLs, which, upon expiration,...

Reachable Assertion

Overview Affected versions of this package are vulnerable to Reachable Assertion via the avahiwideareascancache process. An attacker can cause a crash of the daemon by sending crafted D-Bus requests that create record browsers with the AVAHILOOKUPUSEWIDEAREA flag set. Remediation A fix was pushed...