Skip to main content

Open5GS EUVD-2026-28959

| CVE-2026-8222 MEDIUM
Improper Resource Shutdown or Release (CWE-404)
2026-05-10 cna@vuldb.com GHSA-xm8g-256c-hjqj
Denial Of Service Open5gs
5.5
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
May 10, 2026 - 03:30 vuln.today
CVE Published
May 10, 2026 - 03:16 nvd
MEDIUM 5.5

DescriptionCVE.org

A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcf_nbsf_management_handle_register of the file src/pcf/nbsf-handler.c of the component sm-policies Endpoint. Such manipulation leads to denial of service. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

AnalysisAI

Remote denial of service in Open5GS up to version 2.7.7 affects the sm-policies endpoint's pcf_nbsf_management_handle_register function, allowing unauthenticated network attackers to trigger a crash or service disruption with low attack complexity. Publicly available exploit code exists and the vendor was notified early but has not released a fix.

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Send crafted registration request
Exploit
Trigger improper resource validation
Execution
Crash PCF service
Impact
Denial of service
Sign in to reveal

Vulnerability AssessmentAI

Exploitation The vulnerability requires network connectivity to the Open5GS PCF sm-policies endpoint (default configuration typical on internal 5G core networks). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment CVSS 5.5 with AV:N/AC:L/PR:N/UI:N indicates unauthenticated remote exploitation requiring minimal attacker effort against default configurations. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with network access to the PCF's sm-policies endpoint sends a crafted registration request that triggers improper resource handling in the pcf_nbsf_management_handle_register function, causing the PCF process to crash or enter a denial-of-service state. The low complexity and network accessibility mean the attack can be executed without authentication from any network segment that can reach the PCF service.
Remediation Upgrade Open5GS to a version newer than 2.7.7 when available. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-28959 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy