EUVD-2026-28478

A flaw has been found in Open5GS up to 2.7.7. The affected element is the function nssfnnrfnsselectionhandlegetfromamforvnssf of the file /src/nssf/nnssf-handler.c of the component NSSF. Executing a manipulation can lead to denial of service. The attack can be executed remotely. The exploit has...

PT-2026-36723

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.8 Description A remote denial of service issue exists in the AMF component. The problem is located in the gmm handle service request function within the /src/amf/gmm-handler.c file. Recommendations At the moment,...

Open5GS 代码问题漏洞

Open5GS is an Open5GS open source C open source implementation of 5G Core and Epc, the core network of the Lte/Nr network. A code issue vulnerability exists in Open5GS version 2.7.5 and earlier, which stems from misbehavior of the function ogspfcphandlecreatepdr in the FAR-ID Handler component,...

EUVD-2024-53450

Malicious code in bioql PyPI...

CVE-2025-52288

Assertion failure in function ngapbuilddownlinknastransport in file src/amf/ngap-build.c, the Access and Mobility Management Function AMF component, in Open5GS thru 2.7.5 allowing attackers to cause a denial of service or other unspecified impacts via repeated UE connect and disconnect message...

CVE-2025-8804

A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ngapbuilddownlinknastransport of the component AMF. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-29646

An issue in upf in open5gs 2.7.2 and earlier allows a remote attacker to cause a Denial of Service via a crafted PFCP SessionEstablishmentRequest packet with restoration indication = true and teid = 0 or teid = ogspfcppdrteidpool.size...

CVE-2022-43222

open5gs v2.4.11 was discovered to contain a memory leak in the component src/smf/pfcp-path.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted PFCP packet...

CVE-2025-25774

An issue was discovered in Open5GS v2.7.2. When a UE switches between two gNBs and sends a handover request at a specific time, it may cause an exception in the AMF's internal state machine, leading to an AMF crash and resulting in a Denial of Service DoS...

CVE-2025-25774

An issue was discovered in Open5GS v2.7.2. When a UE switches between two gNBs and sends a handover request at a specific time, it may cause an exception in the AMF's internal state machine, leading to an AMF crash and resulting in a Denial of Service DoS...

CVE-2024-56921

An issue was discovered in Open5gs v2.7.2. InitialUEMessage, Registration request sent at a specific time can crash AMF due to incorrect error handling of gmmstateexception function upon receipt of the NausfUEAuthenticationAuthenticate response...

CVE-2023-37007

Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a Handover Cancel message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...

PT-2024-20394 · Open5Gs · Open5Gs

Name of the Vulnerable Software and Affected Versions: Open5GS version 2.7.0 Description: A reachable assertion in the ogs nas emm decode function allows attackers to cause a Denial of Service DoS via a crafted NAS packet with a zero-length EMM message length. Recommendations: For Open5GS version...

CVE-2024-33382

An issue in Open5GS v.2.7.0 allows an attacker to cause a denial of service via the 64 unsuccessful UE/gnb registration...

Pouch has a container escape vulnerability

Pouch is a lightweight container technology that helps Ali deliver internal business faster while improving the utilization of physical resources in hyperscale data centers. Pouch has a container escape vulnerability that can be exploited by an attacker to write arbitrary files on the container's...