CVE-2026-8225 - Vulnerability Details

- Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_handle_delete denial of service

Description

A vulnerability was identified in Open5GS up to 2.7.7. This affects the function pcf_npcf_smpolicycontrol_handle_delete of the file src/pcf/sm-sm.c of the component delete Endpoint. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.

Published: 2026-05-10

Score: 6.9 Medium

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

A flaw was discovered in Open5GS, affecting all releases up to and including 2.7.7, within the delete Endpoint handler pcf_npcf_smpolicycontrol_handle_delete in src/pcf/sm-sm.c. The bug can be triggered by a crafted request, causing the Open5GS service to crash or become unresponsive, thereby denying service to legitimate users. The vulnerability is identified as CWE‑404, emphasizing improper cleanup or resource management leading to service interruption. The impact is a loss of availability for the affected network functions.

Affected Systems

The affected product is Open5GS from the Open5GS organization. All releases up to 2.7.7 are susceptible; later releases are presumed to contain a fix. The specific component involved is the delete Endpoint handling within the PCF module.

Risk and Exploitability

The CVSS score of 6.9 categorizes this issue as a moderate severity vulnerability. The EPSS score is not available, and the vulnerability is not listed in CISA's KEV catalog, indicating that it has not yet been widely reported as exploited in the wild. The attack vector is remote, as an external actor can send a malicious request over the network to trigger the denial of service. The exploit is publicly documented and available, suggesting that an attacker could readily leverage it if the system remains unpatched.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

Open5GS

affected

Version	Status	Constraints
`2.7.0`	affected	—
`2.7.1`	affected	—
`2.7.2`	affected	—
`2.7.3`	affected	—
`2.7.4`	affected	—
`2.7.5`	affected	—
`2.7.6`	affected	—
`2.7.7`	affected	—

No data.

Vendor Product Confidence Versions

Open5gs

95%

Version	Status	Scheme	Platform
`2.7.0`	affected	semver	—
`2.7.1`	affected	semver	—
`2.7.2`	affected	semver	—
`2.7.3`	affected	semver	—
`2.7.4`	affected	semver	—
`2.7.5`	affected	semver	—
`2.7.6`	affected	semver	—
`2.7.7`	affected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade to the latest Open5GS release that contains the fix for the delete Endpoint bug.
Restrict access to the deletion endpoint by applying firewall or ACL rules so that only trusted networks or IP addresses can send DELETE requests.
Enable detailed logging and set up rate limiting on the endpoint to detect and block abnormal traffic patterns that could indicate exploitation attempts.

Generated by OpenCVE AI on May 10, 2026 at 05:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://github.com/open5gs/open5gs/
https://github.com/open5gs/open5gs/issues/4440
https://vuldb.com/submit/808444
https://vuldb.com/vuln/362442
https://vuldb.com/vuln/362442/cti

History

Sun, 10 May 2026 04:45:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability was identified in Open5GS up to 2.7.7. This affects the function pcf_npcf_smpolicycontrol_handle_delete of the file src/pcf/sm-sm.c of the component delete Endpoint. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.
Title		Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_handle_delete denial of service
First Time appeared		Open5gs Open5gs open5gs
Weaknesses		CWE-404
CPEs		cpe:2.3:a:open5gs:open5gs::::::::
Vendors & Products		Open5gs Open5gs open5gs
References		https://github.com/open5gs/open5gs/ https://github.com/open5gs/open5gs/issues/4440 https://vuldb.com/submit/808444 https://vuldb.com/vuln/362442 https://vuldb.com/vuln/362442/cti
Metrics		cvssV2_0 `{'score': 5, 'vector': 'AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:ND/RC:UR'}` cvssV3_0 `{'score': 5.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}` cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}` cvssV4_0 `{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

Open5gs Open5gs

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-05-10T03:15:08.948Z

Updated: 2026-05-10T03:15:08.948Z

Reserved: 2026-05-09T07:35:26.892Z

Link: CVE-2026-8225

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-05-10T05:16:12.060

Modified: 2026-05-10T05:16:12.060

Link: CVE-2026-8225

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-10T05:30:05Z

Weaknesses

CWE-404

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object