Description
A vulnerability was detected in Open5GS up to 2.7.7. This affects the function ogs_sbi_client_send_via_scp_or_sepp in the library lib/sbi/client.c of the component NF. Performing a manipulation results in an out-of-bounds read. The attack can be carried out remotely. The patch is named d5bc487fcf9ea87d2b03f2ef95123af344773bfb. It is suggested to install a patch to address this issue.
Published: 2026-05-09
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Open5GS up to version 2.7.7 has an out-of-bounds read in the NF component's function ogs_sbi_client_send_via_scp_or_sepp in lib/sbi/client.c. The flaw allows an attacker to read memory beyond a buffer boundary, potentially exposing sensitive data. This vulnerability is marked as CWE-119 and CWE-125, indicating classic memory corruption leading to information disclosure. The exploitation vector is remote, meaning an attacker can trigger it from a distant location without local access.

Affected Systems

The affected product is Open5GS, specifically the NF component in all releases up to and including 2.7.7. Users running any of these versions should update to a fixed release or apply the patch identified by commit d5bc487fcf9ea87d2b03f2ef95123af344773bfb.

Risk and Exploitability

The CVSS base score is 6.9, reflecting a moderate to high severity due to remote access and significant potential for data disclosure. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog, indicating that it may not yet be widely exploited. An attacker would need to send crafted requests to the NF service, which must be reachable over the network, to trigger the read. Because the flaw is remote, the risk is heightened for systems exposing the NF component to untrusted networks.

Generated by OpenCVE AI on May 9, 2026 at 13:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Open5GS to a version newer than 2.7.7 or apply the patch commit d5bc487fcf9ea87d2b03f2ef95123af344773bfb.
  • Restrict network access to the NF component by limiting inbound traffic to trusted networks or implementing firewall rules to block untrusted sources.
  • Enable detailed logging for the SBI client service and monitor for abnormal traffic that may indicate exploitation attempts.



Advisories

No advisories yet.

History

Sat, 09 May 2026 12:15:00 +0000

Type | Values Removed | Values Added
Description | | A vulnerability was detected in Open5GS up to 2.7.7. This affects the function ogs_sbi_client_send_via_scp_or_sepp in the library lib/sbi/client.c of the component NF. Performing a manipulation results in an out-of-bounds read. The attack can be carried out remotely. The patch is named d5bc487fcf9ea87d2b03f2ef95123af344773bfb. It is suggested to install a patch to address this issue.
Title | | Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out-of-bounds
First Time appeared | | Open5gs; Open5gs open5gs
Weaknesses | | CWE-119; CWE-125
CPEs | | cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*
Vendors & Products | | Open5gs; Open5gs open5gs
References | |
Metrics | | cvssV2_0: {'score': 5, 'vector': 'AV:N/AC:L/Au:N/C:N/I:N/A:P/E:ND/RL:OF/RC:C'}
 | | cvssV3_0: {'score': 5.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C'}
 | | cvssV3_1: {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C'}
 | | cvssV4_0: {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-09T12:00:15.995Z

Reserved: 2026-05-08T19:47:06.554Z

Link: CVE-2026-8186

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-09T12:16:08.760

Modified: 2026-05-09T12:16:08.760

Link: CVE-2026-8186

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-09T13:30:34Z

Weaknesses