Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2026-7779— Open5GS authentication-subscription Endpoint nudr-handler.c udm_nudr_dr_handle_subscription_authentication denial of service

CVSS 4.3 · Medium EPSS 0.11% · P28
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-7779

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Open5GS authentication-subscription Endpoint nudr-handler.c udm_nudr_dr_handle_subscription_authentication denial of service
Source: NVD (National Vulnerability Database)
Vulnerability Description
A security flaw has been discovered in Open5GS up to 2.7.7. Affected is the function udm_nudr_dr_handle_subscription_authentication of the file /src/udm/nudr-handler.c of the component authentication-subscription Endpoint. Performing a manipulation results in denial of service. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
不恰当的资源关闭或释放
Source: NVD (National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-Open5GS 2.7.0 cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*

II. Public POCs for CVE-2026-7779

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-7779

Please Login to view more intelligence information

Same Patch Batch · n/a · 2026-05-04 · 17 CVEs total

CVE-2026-77337.3 HIGHfunadmin Frontend Chunked Upload Endpoint UploadService.php chunkUpload unrestricted uploa
CVE-2026-312055.7 MEDIUMPluck CMS<4.7.21dev 跨站脚本漏洞
CVE-2026-77814.3 MEDIUMOpen5GS amf-3gpp-access Endpoint nudm-handler.c udm_nudm_uecm_handle_amf_registration_upda
CVE-2026-77804.3 MEDIUMOpen5GS smf-registrations Endpoint udm-sm.c udm_state_operational denial of service
CVE-2025-70069Assimp v6.0.2远程拒绝服务漏洞
CVE-2025-70067Assimp<=6.0.2 FBX导入缓冲区溢出漏洞
CVE-2025-70070Assimp v6.0.2 FBX远程拒绝服务漏洞
CVE-2025-70072Assimp v6.0.2 FBX远程拒绝服务漏洞
CVE-2026-36365Lymphatus caesium-image-compressor多版本代码执行漏洞
CVE-2026-38669wCMS v1.4 博客创建 XSS 漏洞
CVE-2026-37461GoBGP v4.3.0越界读导致拒绝服务
CVE-2026-37458FRRouting 10.0-10.6 MP_REACH_NLRI缺少输入验证导致DoS
CVE-2025-70071Assimp 6.0.2 FBX解析拒绝服务漏洞
CVE-2026-37459FRRouting 10.0-10.6整数下溢致DoS漏洞
CVE-2026-38751OpenSTAManager <=2.10模块更新任意文件上传漏洞
CVE-2025-67796Rdiffweb未授权漏洞

IV. Related Vulnerabilities

Same product: Open5GS
Same vendor: n/a
Same weakness: CWE-404

V. Comments for CVE-2026-7779

No comments yet

Leave a comment