
Open5GS EUVD-2026-33460

CVE-2026-10117 · LOW
Improper Resource Shutdown or Release (CWE-404)
2026-05-30 · VulDB · GHSA-fh2x-jcf9-hjr5
CVSS 4.0 (NVD): 2.1

Severity by source

NVD (primary): 2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: X

Lifecycle Timeline

Severity Changed · May 30, 2026 - 13:22 · NVD · MEDIUM → LOW
CVSS changed · May 30, 2026 - 13:22 · NVD · 4.3 (MEDIUM) → 2.1 (LOW)
Analysis Generated · May 30, 2026 - 12:58 · vuln.today

Description (CVE.org)

A weakness has been identified in Open5GS up to 2.7.7. This issue affects the function ogs_pool_id_calloc in the library /lib/sbi/nghttp2-server.c. Executing a manipulation can lead to denial of service. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. It is best practice to apply a patch to resolve this issue.

Analysis (AI)

Denial of service in Open5GS up to version 2.7.7 is triggerable by a low-privileged remote attacker via the ogs_pool_id_calloc function in the SBI nghttp2-server library, causing availability degradation of 5G core network functions. The CVSS temporal modifiers confirm both a public proof-of-concept (E:P) and an official remedy (RL:O). …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Obtain low-privilege SBI access
Delivery: Send crafted HTTP/2 request to nghttp2-server
Exploit: Trigger resource mishandling in ogs_pool_id_calloc
Execution: Exhaust memory pool
Impact: Deny service to 5G core network function

Vulnerability Assessment (AI)

Exploitation: Exploitation requires a low-privilege authenticated network connection to the Open5GS SBI HTTP/2 endpoint, as confirmed by PR:L in the CVSS:3.1 vector. …

Risk Assessment: The base CVSS score of 4.3 (Medium) reflects constrained impact: availability impact is Low (A:L), with no confidentiality or integrity compromise, and low-privilege authentication is required (PR:L). …

Exploit Scenario: An attacker with low-privilege credentials or a foothold on a trusted network segment containing Open5GS SBI endpoints sends crafted HTTP/2 requests to the nghttp2-server listener, triggering a code path in `ogs_pool_id_calloc` that fails to properly release pool resources. Repeated or sustained triggering causes resource exhaustion in the affected network function (e.g., AMF or SMF), degrading or halting its ability to process legitimate 5G signaling traffic. …

Remediation: An official remedy is confirmed available per the CVSS temporal modifier RL:O; operators should upgrade Open5GS beyond version 2.7.7 by consulting the latest release on the upstream GitHub repository at https://github.com/open5gs/open5gs/. …
