CVE-2026-8290 - Vulnerability Details

- Open5GS SMF nsmf-handler.c smf_nsmf_handle_update_data_in_vsmf denial of service

Description

A security flaw has been discovered in Open5GS up to 2.7.7. This issue affects the function smf_nsmf_handle_update_data_in_vsmf of the file /src/smf/nsmf-handler.c of the component SMF. The manipulation results in denial of service. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

Published: 2026-05-11

Score: 5.3 Medium

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

A flaw in the Open5GS SMF component, specifically the smf_nsmf_handle_update_data_in_vsmf function in the nsmf‑handler.c file, allows an attacker to trigger a denial of service condition. The vulnerability is a type of resource limitation issue (CWE‑404) that can be abused by sending crafted data to the update interface, causing the SMF process to become unresponsive and leading to an interruption of service availability. The exploit is remote and has already been released to the public, which means a malicious actor can initiate it from outside the network without local access.

Affected Systems

The defect affects installations of Open5GS version 2.7.7 or earlier. The impacted product is the SMF service of Open5GS, which can be found under the Open5GS system component. All deployments using the default configuration that expose the SMF update endpoint are potentially vulnerable.

Risk and Exploitability

The CVSS score of 5.3 denotes moderate severity, and the EPSS score is not available, indicating limited publicly known exploit activity. The vulnerability is not listed in the CISA KEV catalog, but because the exploit has already been published, an attacker can target the exposed SMF update endpoint from the Internet. The attack would lead to a denial of service of the SMF component and potentially downstream services that depend on it.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

Open5GS

affected

Version	Status	Constraints
`2.7.0`	affected	—
`2.7.1`	affected	—
`2.7.2`	affected	—
`2.7.3`	affected	—
`2.7.4`	affected	—
`2.7.5`	affected	—
`2.7.6`	affected	—
`2.7.7`	affected	—

No data.

Vendor Product Confidence Versions

Open5gs

95%

Version	Status	Scheme	Platform
`2.7.0`	affected	semver	—
`2.7.1`	affected	semver	—
`2.7.2`	affected	semver	—
`2.7.3`	affected	semver	—
`2.7.4`	affected	semver	—
`2.7.5`	affected	semver	—
`2.7.6`	affected	semver	—
`2.7.7`	affected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the vendor‑supplied patch or upgrade to a later Open5GS release when it becomes available.
Restrict external access to the SMF update endpoint by configuring firewall rules or network segmentation so that only trusted devices communicate with the SMF service.
Implement request throttling or a rate‑limit on the SMF update interface to reduce the impact of repeated exploit attempts.

Generated by OpenCVE AI on May 11, 2026 at 17:04 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

No EPSS score available.

Exploitation poc

Automatable no

Technical Impact partial

References

Link	Providers
https://github.com/open5gs/open5gs/
https://github.com/open5gs/open5gs/issues/4454
https://vuldb.com/submit/808507
https://vuldb.com/vuln/362587
https://vuldb.com/vuln/362587/cti

History

Mon, 11 May 2026 15:15:00 +0000

Type	Values Removed	Values Added
Description		A security flaw has been discovered in Open5GS up to 2.7.7. This issue affects the function smf_nsmf_handle_update_data_in_vsmf of the file /src/smf/nsmf-handler.c of the component SMF. The manipulation results in denial of service. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
Title		Open5GS SMF nsmf-handler.c smf_nsmf_handle_update_data_in_vsmf denial of service
First Time appeared		Open5gs Open5gs open5gs
Weaknesses		CWE-404
CPEs		cpe:2.3:a:open5gs:open5gs::::::::
Vendors & Products		Open5gs Open5gs open5gs
References		https://github.com/open5gs/open5gs/ https://github.com/open5gs/open5gs/issues/4454 https://vuldb.com/submit/808507 https://vuldb.com/vuln/362587 https://vuldb.com/vuln/362587/cti
Metrics		cvssV2_0 `{'score': 4, 'vector': 'AV:N/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR'}` cvssV3_0 `{'score': 4.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}` cvssV3_1 `{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}` cvssV4_0 `{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Subscriptions

Open5gs Open5gs

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-05-11T13:00:10.000Z

Updated: 2026-05-11T14:10:07.202Z

Reserved: 2026-05-11T08:02:16.087Z

Link: CVE-2026-8290

Vulnrichment

Updated: 2026-05-11T14:08:51.608Z

NVD

Status : Undergoing Analysis

Published: 2026-05-11T14:16:34.483

Modified: 2026-05-11T16:17:43.263

Link: CVE-2026-8290

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-11T17:15:40Z

Weaknesses

CWE-404

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Exploitation poc

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object