Lucene search
+L

56 matches found

OSV
OSV
added 2026/07/07 4:41 p.m.12 views

GO-2026-5570 Free5gc NRF is vulnerable to scope validation bypass via maliciously crafted targetNF value in github.com/free5gc/nrf

Free5gc NRF is vulnerable to scope validation bypass via maliciously crafted targetNF value in github.com/free5gc/nrf...

9.1CVSS5.9AI score0.00307EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/05/27 3:43 p.m.12 views

CVE-2026-44325

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NRF root SBI endpoint POST /oauth2/token contains a parser-level type-confusion bug family. The handler in NFs/nrf/internal/sbi/apiaccesstoken.go reflects over models.NrfAccessTokenAccessTokenReq,...

7.5CVSS5.8AI score0.00394EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/27 3:43 p.m.9 views

CVE-2026-44325 free5GC: NRF POST /oauth2/token structured-form parser type-confusion panic family (Reflect.Set on incompatible types)

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NRF root SBI endpoint POST /oauth2/token contains a parser-level type-confusion bug family. The handler in NFs/nrf/internal/sbi/apiaccesstoken.go reflects over models.NrfAccessTokenAccessTokenReq,...

7.5CVSS5.8AI score0.00394EPSS
Exploits1References4
CVE
CVE
added 2026/05/27 3:43 p.m.40 views

CVE-2026-44325

CVE-2026-44325 affects free5GC NRF (v4.2.1) where POST /oauth2/token parses form data with a reflective type-confusion in api_accesstoken.go. The handler reflects over NrfAccessTokenAccessTokenReq, incorrectly treating most fields as a *models.PlmnId and assigns it to various destination fields, ...

7.5CVSS5.8AI score0.00394EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained a security vulnerability. This vulnerability stemmed from a parser type confusion in the NRF’s OAuth2 token endpoint, which could potentially cause a panic due to a single...

7.5CVSS5.8AI score0.00394EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/05/18 7:59 p.m.14 views

CVE-2026-8729

A vulnerability was detected in Open5GS up to 2.7.7. This affects an unknown function in the library /lib/sbi/message.c of the component NRF. Performing a manipulation of the argument service-names/snssais results in denial of service. The attack is possible to be carried out remotely. The exploi...

6.5CVSS5.5AI score0.0039EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/18 7:59 p.m.15 views

CVE-2026-8728

A security vulnerability has been detected in Open5GS up to 2.7.7. The impacted element is the function ogssbidiscoveryoptionparseplmnlist in the library /lib/sbi/conv.c of the component NRF. Such manipulation of the argument target-plmn-list leads to denial of service. The attack can be executed...

6.5CVSS5.5AI score0.0039EPSS
Exploits1References1
NVD
NVD
added 2026/05/17 10:16 a.m.16 views

CVE-2026-8744

A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function ogssbisubscriptiondataadd/ogssbinfserviceadd in the library /lib/sbi/context.c of the component NRF. Executing a manipulation can lead to denial of service. It is possible to launch the attack remotely. The exploit ha...

6.5CVSS0.00455EPSS
Exploits1References9
OSV
OSV
added 2026/05/17 10:15 a.m.3 views

CVE-2026-8746 Open5GS NRF nghttp2-server.c discover_handler use after free

A security flaw has been discovered in Open5GS up to 2.7.7. Affected by this issue is the function discoverhandler in the library /lib/sbi/nghttp2-server.c of the component NRF. The manipulation results in use after free. The attack can be launched remotely. The exploit has been released to the...

5.3CVSS5.5AI score0.00367EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/05/17 9:15 a.m.44 views

CVE-2026-8744 Open5GS NRF context.c ogs_sbi_nf_service_add denial of service

A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function ogssbisubscriptiondataadd/ogssbinfserviceadd in the library /lib/sbi/context.c of the component NRF. Executing a manipulation can lead to denial of service. It is possible to launch the attack remotely. The exploit ha...

5.3CVSS0.00455EPSS
Exploits1References9
NVD
NVD
added 2026/05/17 5:16 a.m.16 views

CVE-2026-8729

A vulnerability was detected in Open5GS up to 2.7.7. This affects an unknown function in the library /lib/sbi/message.c of the component NRF. Performing a manipulation of the argument service-names/snssais results in denial of service. The attack is possible to be carried out remotely. The exploi...

6.5CVSS0.0039EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/05/17 4:15 a.m.9 views

CVE-2026-8731

A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function ogssbiclientadd in the library /lib/sbi/client.c of the component NRF. The manipulation of the argument clientpool leads to denial of service. It is possible to initiate the attack remotely. The exploit has been...

5.3CVSS5.4AI score0.0038EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/05/17 4:15 a.m.8 views

CVE-2026-8731 Open5GS NRF client.c ogs_sbi_client_add denial of service

A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function ogssbiclientadd in the library /lib/sbi/client.c of the component NRF. The manipulation of the argument clientpool leads to denial of service. It is possible to initiate the attack remotely. The exploit has been...

5.3CVSS5.4AI score0.0038EPSS
Exploits1References5
OSV
OSV
added 2026/05/17 4:15 a.m.3 views

CVE-2026-8731 Open5GS NRF client.c ogs_sbi_client_add denial of service

A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function ogssbiclientadd in the library /lib/sbi/client.c of the component NRF. The manipulation of the argument clientpool leads to denial of service. It is possible to initiate the attack remotely. The exploit has been...

5.3CVSS5.4AI score0.0038EPSS
Exploits1References7
CVE
CVE
added 2026/05/17 3:45 a.m.21 views

CVE-2026-8730

Open5GS up to 2.7.6 is affected by a flaw in the NRF component, specifically the ogs_sbi_nf_instance_set_id function in /lib/sbi/context.c. Manipulating the nfInstanceId argument can cause a denial of service, with remote execution possible and exploits published. The CVE description notes the is...

6.5CVSS5.4AI score0.0038EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/17 3:30 a.m.11 views

CVE-2026-8729 Open5GS NRF message.c denial of service

A vulnerability was detected in Open5GS up to 2.7.7. This affects an unknown function in the library /lib/sbi/message.c of the component NRF. Performing a manipulation of the argument service-names/snssais results in denial of service. The attack is possible to be carried out remotely. The exploi...

5.3CVSS5.5AI score0.0039EPSS
Exploits1References6
EUVD
EUVD
added 2026/05/17 3:30 a.m.23 views

EUVD-2026-30679

A vulnerability was detected in Open5GS up to 2.7.7. This affects an unknown function in the library /lib/sbi/message.c of the component NRF. Performing a manipulation of the argument service-names/snssais results in denial of service. The attack is possible to be carried out remotely. The exploi...

5.3CVSS5.5AI score0.0039EPSS
Exploits1References6
CVE
CVE
added 2026/05/17 3:30 a.m.20 views

CVE-2026-8729

CVE-2026-8729 affects Open5GS (up to 2.7.7) in the NRF component, specifically the function in /lib/sbi/message.c. Manipulating the argument service-names/snssais can trigger a denial of service. The issue is exploitable remotely, and the exploit is publicly available. The reports indicate the pr...

6.5CVSS5.5AI score0.0039EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2026/05/17 3:30 a.m.4 views

CVE-2026-8729 Open5GS NRF message.c denial of service

A vulnerability was detected in Open5GS up to 2.7.7. This affects an unknown function in the library /lib/sbi/message.c of the component NRF. Performing a manipulation of the argument service-names/snssais results in denial of service. The attack is possible to be carried out remotely. The exploi...

5.3CVSS5.6AI score0.0039EPSS
Exploits1References8
CNNVD
CNNVD
added 2026/05/17 12:0 a.m.11 views

Open5GS 缓冲区错误漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain a buffer error vulnerability. This vulnerability stems from the reuse of a resource after it has been released in the...

6.5CVSS5.9AI score0.00367EPSS
Exploits1References2
Rows per page
Query Builder