Open5GS — Vulnerabilities & Security Advisories 75

All 75 CVE vulnerabilities found in Open5GS, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-8123	Open5GS NSSF message.c ogs_sbi_discovery_option_add_snssais denial of service CWE-404	4.3	Medium	2026-05-08
CVE-2026-8122	Open5GS NSSF message.c ogs_sbi_discovery_option_add_service_names denial of service CWE-404	4.3	Medium	2026-05-08
CVE-2026-8121	Open5GS NSSF conv.c ogs_sbi_parse_plmn_list denial of service CWE-404	4.3	Medium	2026-05-08
CVE-2026-8120	Open5GS NSSF nnssf-handler.c denial of service CWE-404	4.3	Medium	2026-05-08
CVE-2026-8119	Open5GS NSSF nghttp2-server.c ogs_sbi_stream_find_by_id denial of service CWE-404	3.3	Low	2026-05-08
CVE-2026-7781	Open5GS amf-3gpp-access Endpoint nudm-handler.c udm_nudm_uecm_handle_amf_registration_update denial of service CWE-404	4.3	Medium	2026-05-04
CVE-2026-7780	Open5GS smf-registrations Endpoint udm-sm.c udm_state_operational denial of service CWE-404	4.3	Medium	2026-05-04
CVE-2026-7779	Open5GS authentication-subscription Endpoint nudr-handler.c udm_nudr_dr_handle_subscription_authentication denial of service CWE-404	4.3	Medium	2026-05-04
CVE-2026-7708	Open5GS UDR subscription.c ogs_dbi_subscription_data denial of service CWE-404	4.3	Medium	2026-05-03
CVE-2026-7707	Open5GS UDR nudr-handler.c udr_nudr_dr_handle_subscription_context denial of service CWE-404	4.3	Medium	2026-05-03
CVE-2026-7706	Open5GS AMF gmm-handler.c gmm_handle_service_request denial of service CWE-404	4.3	Medium	2026-05-03
CVE-2026-7601	Open5GS AMF gmm-handler.c denial of service CWE-404	4.3	Medium	2026-05-02
CVE-2026-7587	Open5GS AMF nsmf-handler.c amf_nsmf_pdusession_handle_update_sm_context denial of service CWE-404	4.3	Medium	2026-05-01
CVE-2026-7586	Open5GS AMF nudm-handler.c ogs_id_get_value denial of service CWE-404	4.3	Medium	2026-05-01
CVE-2026-7585	Open5GS AMF nudm-handler.c amf_nudm_sdm_handle_provisioned denial of service CWE-404	4.3	Medium	2026-05-01
CVE-2026-7583	Open5GS BSF context.c bsf_sess_find_by_ipv6prefix denial of service CWE-404	4.3	Medium	2026-05-01
CVE-2026-7536	Open5GS BSF pcfBindings bsf_sess_add_by_ip_address denial of service CWE-404	5.3	Medium	2026-05-01
CVE-2026-7535	Open5GS transfer-update denial of service CWE-404	4.3	Medium	2026-05-01
CVE-2026-7518	Open5GS AMF SBI Endpoint sdmsubscription-notify amf_namf_callback_handle_sdm_data_change_notify denial of service CWE-404	4.3	Medium	2026-05-01
CVE-2026-4988	Open5GS CCA Message smf_s6b denial of service CWE-404	3.7	Low	2026-03-27
CVE-2026-4240	Open5GS CCA smf_s6b_sta_cb denial of service CWE-404	5.3	Medium	2026-03-16
CVE-2026-2524	Open5GS MME mme_s11_handle_create_session_response denial of service CWE-404	5.3	Medium	2026-02-16
CVE-2026-2523	Open5GS SMF gn-handler.c smf_gn_handle_create_pdp_context_request assertion CWE-617	5.3	Medium	2026-02-16
CVE-2026-2522	Open5GS MME esm-build.c memory corruption CWE-119	5.3	Medium	2026-02-15
CVE-2026-2521	Open5GS SGW-C sgwc_s5c_handle_create_session_response memory corruption CWE-119	5.3	Medium	2026-02-15
CVE-2026-2517	Open5GS SMF types.c ogs_gtp2_parse_tft denial of service CWE-404	5.3	Medium	2026-02-15
CVE-2026-2062	Open5GS PGW S5U Address sgwc_sxa_handle_session_modification_response null pointer dereference CWE-476	5.3	Medium	2026-02-06
CVE-2025-15555	Open5GS VoLTE Cx-Test hss-cx-path.c hss_ogs_diam_cx_mar_cb stack-based overflow CWE-121	7.3	High	2026-02-04
CVE-2026-1738	Open5GS SGWC context.c sgwc_tunnel_add assertion CWE-617	5.3	Medium	2026-02-02
CVE-2026-1737	Open5GS CreateBearerRequest s5c-handler.c sgwc_s5c_handle_create_bearer_request assertion CWE-617	5.3	Medium	2026-02-02

All 75 known CVE vulnerabilities affecting Open5GS with full Chinese analysis, references, and POCs where available.

Goal Reached Thanks to every supporter — we hit 100%!

Open5GS — Vulnerabilities & Security Advisories 75