Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

Open5GS — Vulnerabilities & Security Advisories 113

All 113 CVE vulnerabilities found in Open5GS, with AI-generated Chinese analysis, references, and POCs.

This page documents known vulnerabilities associated with Open5GS, an open-source 5G core network implementation, categorized by Common Weakness Enumeration (CWE) classifications. It aggregates security flaws affecting this specific software product, covering historical incidents and updates from its initial release through the present day. By consulting this resource, security professionals and system administrators can track the vendor’s security advisories, gain a deeper understanding of prevalent weakness classes within the 5G core architecture, and review the product’s comprehensive vulnerability history to assess risk exposure. The collection includes details on how these flaws impact network integrity, authentication mechanisms, and signaling protocols, providing context for mitigation strategies. This centralized view helps organizations prioritize patching efforts and align their internal security policies with current industry standards. The data is curated to reflect verified reports and official acknowledgments, ensuring accuracy in tracking the evolution of security postures for open-source 5G infrastructure. Users can navigate entries by severity, discovery date, or specific technical attributes to find relevant insights for their operational environments. This resource serves as a factual reference point rather than a promotional overview, focusing strictly on technical vulnerability data to support informed decision-making in network deployment and maintenance.

Vendor: unspecified

CVE IDTitleCVSSSeverityPublished
CVE-2026-10565 Open5GS NGAP Handover gmm-sm.c gmm_state_security_mode race condition CWE-362 3.1 Low2026-06-02
CVE-2026-10157 Open5GS NGAP PathSwitchRequest Message ngap-handler.c improper authentication CWE-287 7.3 High2026-05-31
CVE-2026-10156 Open5GS nf-instances Endpoint nnrf-handler.c handle_amf_info resource consumption CWE-400 4.3 Medium2026-05-30
CVE-2026-10117 Open5GS nghttp2-server.c ogs_pool_id_calloc denial of service CWE-404 4.3 Medium2026-05-30
CVE-2026-10116 Open5GS ue-authentications Endpoint ogs-timer.c ogs_sbi_xact_add denial of service CWE-404 4.3 Medium2026-05-30
CVE-2026-10115 Open5GS Shared NF-profile nnrf-handler.c denial of service CWE-404 4.3 Medium2026-05-30
CVE-2026-10114 Open5GS Shared NF-profile nnrf-handler.c handle_scp_info out-of-bounds write CWE-787 4.3 Medium2026-05-30
CVE-2026-10113 Open5GS Shared NF-profile nnrf-handler.c denial of service CWE-404 4.3 Medium2026-05-30
CVE-2026-8746 Open5GS NRF nghttp2-server.c discover_handler use after free CWE-416 4.3 Medium2026-05-17
CVE-2026-8745 Open5GS AUSF nausf-handler.c ogs_timer_add denial of service CWE-404 4.3 Medium2026-05-17
CVE-2026-8744 Open5GS NRF context.c ogs_sbi_nf_service_add denial of service CWE-404 4.3 Medium2026-05-17
CVE-2026-8743 Open5GS AMF/MME context.c ran_ue_find_by_amf_ue_ngap_id improper authorization CWE-285 6.3 Medium2026-05-17
CVE-2026-8731 Open5GS NRF client.c ogs_sbi_client_add denial of service CWE-404 4.3 Medium2026-05-17
CVE-2026-8730 Open5GS NRF context.c ogs_sbi_nf_instance_set_id denial of service CWE-404 4.3 Medium2026-05-17
CVE-2026-8729 Open5GS NRF message.c denial of service CWE-404 4.3 Medium2026-05-17
CVE-2026-8728 Open5GS NRF conv.c ogs_sbi_discovery_option_parse_plmn_list denial of service CWE-404 4.3 Medium2026-05-17
CVE-2026-8292 Open5GS NRF conv.c yuarel_parse denial of service CWE-404 4.3 Medium2026-05-11
CVE-2026-8291 Open5GS NRF nnrf-handler.c ogs_nnrf_nfm_handle_nf_profile denial of service CWE-404 4.3 Medium2026-05-11
CVE-2026-8290 Open5GS SMF nsmf-handler.c smf_nsmf_handle_update_data_in_vsmf denial of service CWE-404 4.3 Medium2026-05-11
CVE-2026-8289 Open5GS SMF nsmf-handler.c smf_nsmf_handle_update_data_in_vsmf denial of service CWE-404 4.3 Medium2026-05-11
CVE-2026-8288 Open5GS SMF gsm-handler.c denial of service CWE-404 4.3 Medium2026-05-11
CVE-2026-8270 Open5GS SMF ogs_nas_parse_qos_rules denial of service CWE-404 4.3 Medium2026-05-11
CVE-2026-8269 Open5GS SMF smf_nsmf_handle_create_sm_context denial of service CWE-404 4.3 Medium2026-05-11
CVE-2026-8268 Open5GS SMF OpenAPI_list_create denial of service CWE-404 4.3 Medium2026-05-11
CVE-2026-8267 Open5GS SMF smf_nsmf_handle_created_data_in_vsmf denial of service CWE-404 4.3 Medium2026-05-11
CVE-2026-8266 Open5GS SMF gsm-build.c gsm_build_pdu_session_establishment_accept denial of service CWE-404 4.3 Medium2026-05-11
CVE-2026-8252 Open5GS SMF smf_nsmf_handle_create_data_in_hsmf null pointer dereference CWE-476 4.3 Medium2026-05-10
CVE-2026-8251 Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qos denial of service CWE-404 4.3 Medium2026-05-10
CVE-2026-8250 Open5GS SMF n4-build.c smf_n4_build_qos_flow_to_modify_list denial of service CWE-404 4.3 Medium2026-05-10
CVE-2026-8249 Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qos denial of service CWE-404 4.3 Medium2026-05-10

All 113 known CVE vulnerabilities affecting Open5GS with full Chinese analysis, references, and POCs where available.