Description
A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is an unknown functionality in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. The manipulation results in denial of service. It is possible to launch the attack remotely. The exploit has been made public and could be used. A patch should be applied to remediate this issue.
Published: 2026-05-30
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in Open5GS v2.7.7 and earlier resides in the shared NF‑Profile parser, specifically in the nnrf-handler.c library. The bug allows an attacker to manipulate data such that the parser consumes excessive resources, eventually causing the service to crash or become unresponsive. The impact is a denial of service that can disrupt the operation of the NNGRF component and, by extension, the overall 5G core network.

Affected Systems

The vulnerability affects Open5GS implementations up to version 2.7.7. No additional version information is supplied. The affected component is the Shared NF‑Profile Parser within the NNGRF service. Deployments running any of those versions that expose the NNGRF interface to external traffic are susceptible.

Risk and Exploitability

The CVSS score of 5.3 indicates moderate severity. No EPSS score is available, so an estimate of exploitation likelihood cannot be provided. The vulnerability is not listed in the CISA KEV database. The attack is inferred to be remotely exploitable, since the description states that it can be launched remotely. An attacker could repeatedly trigger the denial of service by sending crafted requests to the NNGRF service until it exhausts resources or crashes.

Generated by OpenCVE AI on May 30, 2026 at 10:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the patch released in Open5GS PR #4527, which updates nnrf-handler.c to prevent the resource exhaustion attack.
  • If patching is delayed, block unauthenticated or malformed NF‑Profile requests to the NNGRF service using network‑level controls to reduce the attack surface.
  • Continuously monitor the NNGRF service for abnormal CPU or memory spikes and restart the service automatically if it becomes unresponsive.

Advisories

No advisories yet.

History

Sat, 30 May 2026 09:00:00 +0000

Values Removed: none
Values Added:
  Description: A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is an unknown functionality in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. The manipulation results in denial of service. It is possible to launch the attack remotely. The exploit has been made public and could be used. A patch should be applied to remediate this issue.
  Title: Open5GS Shared NF-profile nnrf-handler.c denial of service
  First Time appeared: Open5gs; Open5gs open5gs
  Weaknesses: CWE-404
  CPEs: cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*
  Vendors & Products: Open5gs; Open5gs open5gs
  References:
  Metrics:
    cvssV2_0: {'score': 4, 'vector': 'AV:N/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C'}
    cvssV3_0: {'score': 4.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C'}
    cvssV3_1: {'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C'}
    cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-30T08:45:08.776Z

Reserved: 2026-05-29T17:15:09.681Z

Link: CVE-2026-10113

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-30T09:16:17.460

Modified: 2026-05-30T09:16:17.460

Link: CVE-2026-10113

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-30T10:30:20Z

Weaknesses