Description
A vulnerability was detected in Open5GS up to 2.7.7. It affects an unknown function in the library /lib/sbi/message.c of the NRF component. Manipulating the argument service-names/snssais results in denial of service. The attack can be carried out remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Published: 2026-05-17
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A manipulation of the argument service-names/snssais in the Open5GS NRF message.c library triggers a denial of service, allowing a remote attacker to crash the component. The vulnerability is present in all releases up to version 2.7.7 and the exploitation code is publicly available. The impact is a temporary loss of NRF functionality, which can ripple through the 5G core causing service interruption.

Affected Systems

The affected product is Open5GS, specifically the NRF component in the /lib/sbi/message.c module. All Open5GS versions up to and including 2.7.7 are vulnerable. Systems running these releases are at risk if the NRF service is exposed to untrusted networks.

Risk and Exploitability

The CVSS score of 5.3 indicates moderate severity, but the exploit is remote and public, making the likelihood of a successful attack significant despite the lack of an EPSS score. The vulnerability is not listed in the CISA KEV catalogue, yet the public availability of the exploit calls for vigilant monitoring until an official patch is released.

Generated by OpenCVE AI on May 17, 2026 at 05:50 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Verify which Open5GS version is running and whether the NRF component is exposed to external networks.
  • Prior to a patch, block external access to the NRF service using firewall rules or place it behind a VPN to limit exposure.
  • Continuously monitor logs for attempts to manipulate service-names or snssais and alert on anomalous patterns.



Advisories

No advisories yet.

History

Sun, 17 May 2026 04:45:00 +0000

Values Removed: (none)
Values Added:

Description: A vulnerability was detected in Open5GS up to 2.7.7. It affects an unknown function in the library /lib/sbi/message.c of the NRF component. Manipulating the argument service-names/snssais results in denial of service. The attack can be carried out remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Title: Open5GS NRF message.c denial of service
First Time appeared: Open5gs; Open5gs open5gs
Weaknesses: CWE-404
CPEs: cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*
Vendors & Products: Open5gs; Open5gs open5gs
References:
Metrics:
cvssV2_0: {'score': 4, 'vector': 'AV:N/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR'}
cvssV3_0: {'score': 4.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}
cvssV3_1: {'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}
cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-17T03:30:09.989Z

Reserved: 2026-05-16T10:08:52.495Z

Link: CVE-2026-8729

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-17T05:16:16.370

Modified: 2026-05-17T05:16:16.370

Link: CVE-2026-8729

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-17T06:00:12Z

Weaknesses