Nixpkgs security tracker

Published

Permalink CVE-2026-10565

1.3 LOW

CVSS version (CVSS): 4.0
Attack Vector (AV): Network (N)
Attack Complexity (AC): High (H)
Attack Requirement (AT): None (N)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Vulnerable System Impact Confidentiality (VC): None (N)
Vulnerable System Impact Integrity (VI): None (N)
Vulnerable System Impact Availability (VA): Low (L)
Subsequent System Impact Confidentiality (SC): None (N)
Subsequent System Impact Integrity (SI): None (N)
Subsequent System Impact Availability (SA): None (N)
Exploit Maturity (E): POC (P)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): High (H)
Modified Attack Requirement (MAT): None (N)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Vulnerable System Impact Confidentiality (MVC): None (N)
Modified Vulnerable System Impact Integrity (MVI): None (N)
Modified Vulnerable System Impact Availability (MVA): Low (L)
Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
Modified Subsequent System Impact Integrity (MSI): Negligible (N)
Modified Subsequent System Impact Availability (MSA): Negligible (N)
Safety (S): Not Defined (X)
Automatable (AU): Not Defined (X)
Recovery (R): Not Defined (X)
Value Density (V): Not Defined (X)
Vulnerability Response Effort (RE): Not Defined (X)
Provider Urgency (U): Not Defined (X)
Confidentiality Req. (CR): Not Defined (X)
Integrity Req. (IR): Not Defined (X)
Availability Req. (AR): Not Defined (X)

updated 1 week, 4 days ago by @LeSuisse Activity log

Created suggestion 1 week, 4 days ago
@LeSuisse ignored package open5gs-webui 1 week, 4 days ago
@LeSuisse ignored
4 references
1 week, 4 days ago
@LeSuisse accepted 1 week, 4 days ago
@LeSuisse published on GitHub 1 week, 4 days ago

Open5GS NGAP Handover gmm-sm.c gmm_state_security_mode race condition

A security flaw has been discovered in Open5GS up to 2.7.6. The impacted element is the function gmm_state_security_mode of the file src/amf/gmm-sm.c of the component NGAP Handover. Performing a manipulation results in race condition. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is regarded as difficult. The exploit has been released to the public and may be used for attacks. The pull request to fix this issue awaits acceptance.

References

VDB-367672 | Open5GS NGAP Handover gmm-sm.c gmm_state_security_mode race condition technical-descriptionvdb-entry
https://github.com/open5gs/open5gs/issues/4497 issue-tracking
https://github.com/open5gs/open5gs/pull/4501 issue-trackingpatch
https://github.com/user-attachments/files/27111025/N2-SMC-Concurrent.zip exploit

Ignored references (4)

VDB-367672 | CTI Indicators (IOB, IOC, IOA) permissions-requiredsignature
CVE-2026-10565 | CVE Analysis and Report third-party-advisory
Submit #818938 | open5gs v2.7.6 Race Condition third-party-advisory
https://github.com/open5gs/open5gs/ product

Affected products

Open5GS

==2.7.1
==2.7.4
==2.7.0
==2.7.3
==2.7.5
==2.7.6
==2.7.2

Matching in nixpkgs

pkgs.open5gs

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Ignored packages (1)

pkgs.open5gs-webui

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Package maintainers

@Bot-wxt1221 Bot-wxt1221 <3264117476@qq.com>
@xddxdd Yuhui Xu <b980120@hotmail.com>

Published

Permalink CVE-2026-10157

5.5 MEDIUM

CVSS version (CVSS): 4.0
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Attack Requirement (AT): None (N)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Vulnerable System Impact Confidentiality (VC): Low (L)
Vulnerable System Impact Integrity (VI): Low (L)
Vulnerable System Impact Availability (VA): Low (L)
Subsequent System Impact Confidentiality (SC): None (N)
Subsequent System Impact Integrity (SI): None (N)
Subsequent System Impact Availability (SA): None (N)
Exploit Maturity (E): POC (P)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Attack Requirement (MAT): None (N)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Vulnerable System Impact Confidentiality (MVC): Low (L)
Modified Vulnerable System Impact Integrity (MVI): Low (L)
Modified Vulnerable System Impact Availability (MVA): Low (L)
Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
Modified Subsequent System Impact Integrity (MSI): Negligible (N)
Modified Subsequent System Impact Availability (MSA): Negligible (N)
Safety (S): Not Defined (X)
Automatable (AU): Not Defined (X)
Recovery (R): Not Defined (X)
Value Density (V): Not Defined (X)
Vulnerability Response Effort (RE): Not Defined (X)
Provider Urgency (U): Not Defined (X)
Confidentiality Req. (CR): Not Defined (X)
Integrity Req. (IR): Not Defined (X)
Availability Req. (AR): Not Defined (X)

updated 1 week, 5 days ago by @LeSuisse Activity log

Created suggestion 1 week, 5 days ago
@LeSuisse ignored
4 references
1 week, 5 days ago
@LeSuisse ignored package open5gs-webui 1 week, 5 days ago
@LeSuisse accepted 1 week, 5 days ago
@LeSuisse published on GitHub 1 week, 5 days ago

Open5GS NGAP PathSwitchRequest Message ngap-handler.c improper authentication

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The identifier of the patch is a188e36b1741ffc2252133f59b1bda4f14d3cb5c. It is suggested to install a patch to address this issue.

References

VDB-367410 | Open5GS NGAP PathSwitchRequest Message ngap-handler.c improper authentication vdb-entry
https://github.com/open5gs/open5gs/issues/4393 issue-trackingexploit
https://github.com/open5gs/open5gs/pull/4557 issue-trackingpatch
https://github.com/open5gs/open5gs/commit/a188e36b1741ffc2252133f59b1bda4f14d3c… patch

Ignored references (4)

VDB-367410 | CTI Indicators (IOB, IOC, IOA) permissions-requiredsignature
CVE-2026-10157 | CVE Analysis and Report third-party-advisory
Submit #818939 | open5gs Open5GS v2.7.6 Improper Authentication third-party-advisory
https://github.com/open5gs/open5gs/ product

Affected products

Open5GS

==2.7.1
==2.7.4
==2.7.0
==2.7.3
==2.7.5
==2.7.6
==2.7.2

Matching in nixpkgs

pkgs.open5gs

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Ignored packages (1)

pkgs.open5gs-webui

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Package maintainers

@xddxdd Yuhui Xu <b980120@hotmail.com>
@Bot-wxt1221 Bot-wxt1221 <3264117476@qq.com>

Published

Permalink CVE-2026-10117

2.1 LOW

CVSS version (CVSS): 4.0
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Attack Requirement (AT): None (N)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Vulnerable System Impact Confidentiality (VC): None (N)
Vulnerable System Impact Integrity (VI): None (N)
Vulnerable System Impact Availability (VA): Low (L)
Subsequent System Impact Confidentiality (SC): None (N)
Subsequent System Impact Integrity (SI): None (N)
Subsequent System Impact Availability (SA): None (N)
Exploit Maturity (E): POC (P)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Attack Requirement (MAT): None (N)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Vulnerable System Impact Confidentiality (MVC): None (N)
Modified Vulnerable System Impact Integrity (MVI): None (N)
Modified Vulnerable System Impact Availability (MVA): Low (L)
Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
Modified Subsequent System Impact Integrity (MSI): Negligible (N)
Modified Subsequent System Impact Availability (MSA): Negligible (N)
Safety (S): Not Defined (X)
Automatable (AU): Not Defined (X)
Recovery (R): Not Defined (X)
Value Density (V): Not Defined (X)
Vulnerability Response Effort (RE): Not Defined (X)
Provider Urgency (U): Not Defined (X)
Confidentiality Req. (CR): Not Defined (X)
Integrity Req. (IR): Not Defined (X)
Availability Req. (AR): Not Defined (X)

updated 1 week, 6 days ago by @LeSuisse Activity log

Created suggestion 2 weeks ago
@LeSuisse ignored
3 references
1 week, 6 days ago
@LeSuisse ignored package open5gs-webui 1 week, 6 days ago
@LeSuisse accepted 1 week, 6 days ago
@LeSuisse published on GitHub 1 week, 6 days ago

Open5GS nghttp2-server.c ogs_pool_id_calloc denial of service

A weakness has been identified in Open5GS up to 2.7.7. This issue affects the function ogs_pool_id_calloc in the library /lib/sbi/nghttp2-server.c. Executing a manipulation can lead to denial of service. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. It is best practice to apply a patch to resolve this issue.

References

VDB-367295 | Open5GS nghttp2-server.c ogs_pool_id_calloc denial of service technical-descriptionvdb-entry
https://github.com/open5gs/open5gs/issues/4474 issue-trackingexploit

Ignored references (3)

VDB-367295 | CTI Indicators (IOB, IOC, TTP, IOA) permissions-requiredsignature
Submit #818586 | Open5GS NRF/UDM/UDR/NSSF/BSF/PCF/AMF/AUSF/SMF v2.7.7 Denial of Service third-party-advisory
https://github.com/open5gs/open5gs/ product

Affected products

Open5GS

==2.7.1
==2.7.4
==2.7.7
==2.7.0
==2.7.3
==2.7.5
==2.7.6
==2.7.2

Matching in nixpkgs

pkgs.open5gs

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Ignored packages (1)

pkgs.open5gs-webui

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Package maintainers

@xddxdd Yuhui Xu <b980120@hotmail.com>
@Bot-wxt1221 Bot-wxt1221 <3264117476@qq.com>

Published

Permalink CVE-2026-10156

2.1 LOW

CVSS version (CVSS): 4.0
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Attack Requirement (AT): None (N)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Vulnerable System Impact Confidentiality (VC): None (N)
Vulnerable System Impact Integrity (VI): None (N)
Vulnerable System Impact Availability (VA): Low (L)
Subsequent System Impact Confidentiality (SC): None (N)
Subsequent System Impact Integrity (SI): None (N)
Subsequent System Impact Availability (SA): None (N)
Exploit Maturity (E): POC (P)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Attack Requirement (MAT): None (N)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Vulnerable System Impact Confidentiality (MVC): None (N)
Modified Vulnerable System Impact Integrity (MVI): None (N)
Modified Vulnerable System Impact Availability (MVA): Low (L)
Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
Modified Subsequent System Impact Integrity (MSI): Negligible (N)
Modified Subsequent System Impact Availability (MSA): Negligible (N)
Safety (S): Not Defined (X)
Automatable (AU): Not Defined (X)
Recovery (R): Not Defined (X)
Value Density (V): Not Defined (X)
Vulnerability Response Effort (RE): Not Defined (X)
Provider Urgency (U): Not Defined (X)
Confidentiality Req. (CR): Not Defined (X)
Integrity Req. (IR): Not Defined (X)
Availability Req. (AR): Not Defined (X)

updated 1 week, 6 days ago by @LeSuisse Activity log

Created suggestion 2 weeks ago
@LeSuisse ignored package open5gs-webui 1 week, 6 days ago
@LeSuisse ignored
3 references
1 week, 6 days ago
@LeSuisse accepted 1 week, 6 days ago
@LeSuisse published on GitHub 1 week, 6 days ago

Open5GS nf-instances Endpoint nnrf-handler.c handle_amf_info resource consumption

A vulnerability was determined in Open5GS up to 2.7.7. This affects the function handle_amf_info in the library /lib/sbi/nnrf-handler.c of the component nf-instances Endpoint. Executing a manipulation of the argument nf_info_pool can lead to resource consumption. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. Applying a patch is advised to resolve this issue. The issue report is flagged as already-fixed.

References

VDB-367409 | Open5GS nf-instances Endpoint nnrf-handler.c handle_amf_info resource consumption technical-descriptionvdb-entry
https://github.com/open5gs/open5gs/issues/4480 issue-trackingexploit

Ignored references (3)

VDB-367409 | CTI Indicators (IOB, IOC, TTP, IOA) permissions-requiredsignature
Submit #818598 | Open5GS NRF v2.7.7 Denial of Service third-party-advisory
https://github.com/open5gs/open5gs/ product

Affected products

Open5GS

==2.7.1
==2.7.4
==2.7.7
==2.7.0
==2.7.3
==2.7.5
==2.7.6
==2.7.2

Matching in nixpkgs

pkgs.open5gs

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Ignored packages (1)

pkgs.open5gs-webui

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Package maintainers

@xddxdd Yuhui Xu <b980120@hotmail.com>
@Bot-wxt1221 Bot-wxt1221 <3264117476@qq.com>

Published

Permalink CVE-2026-10115

2.1 LOW

CVSS version (CVSS): 4.0
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Attack Requirement (AT): None (N)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Vulnerable System Impact Confidentiality (VC): None (N)
Vulnerable System Impact Integrity (VI): None (N)
Vulnerable System Impact Availability (VA): Low (L)
Subsequent System Impact Confidentiality (SC): None (N)
Subsequent System Impact Integrity (SI): None (N)
Subsequent System Impact Availability (SA): None (N)
Exploit Maturity (E): POC (P)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Attack Requirement (MAT): None (N)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Vulnerable System Impact Confidentiality (MVC): None (N)
Modified Vulnerable System Impact Integrity (MVI): None (N)
Modified Vulnerable System Impact Availability (MVA): Low (L)
Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
Modified Subsequent System Impact Integrity (MSI): Negligible (N)
Modified Subsequent System Impact Availability (MSA): Negligible (N)
Safety (S): Not Defined (X)
Automatable (AU): Not Defined (X)
Recovery (R): Not Defined (X)
Value Density (V): Not Defined (X)
Vulnerability Response Effort (RE): Not Defined (X)
Provider Urgency (U): Not Defined (X)
Confidentiality Req. (CR): Not Defined (X)
Integrity Req. (IR): Not Defined (X)
Availability Req. (AR): Not Defined (X)

updated 1 week, 6 days ago by @LeSuisse Activity log

Created suggestion 2 weeks ago
@LeSuisse ignored
3 references
1 week, 6 days ago
@LeSuisse ignored package open5gs-webui 1 week, 6 days ago
@LeSuisse accepted 1 week, 6 days ago
@LeSuisse published on GitHub 1 week, 6 days ago

Open5GS Shared NF-profile nnrf-handler.c denial of service

A vulnerability was identified in Open5GS up to 2.7.7. This affects an unknown part in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. Such manipulation leads to denial of service. The attack can be launched remotely. The exploit is publicly available and might be used. It is advisable to implement a patch to correct this issue.

References

VDB-367293 | Open5GS Shared NF-profile nnrf-handler.c denial of service vdb-entry
https://github.com/open5gs/open5gs/issues/4469 issue-trackingexploit
https://github.com/open5gs/open5gs/issues/4469#issuecomment-4389805398 issue-tracking
https://github.com/open5gs/open5gs/pull/4527 issue-trackingpatch

Ignored references (3)

VDB-367293 | CTI Indicators (IOB, IOC, TTP, IOA) permissions-requiredsignature
Submit #818583 | Open5GS NRF、AMF、AUSF、BSF、NSSF、PCF、SMF、UDM、UDR v2.7.7 Denial of Service third-party-advisory
https://github.com/open5gs/open5gs/ product

Affected products

Open5GS

==2.7.1
==2.7.7
==2.7.4
==2.7.0
==2.7.3
==2.7.5
==2.7.6
==2.7.2

Matching in nixpkgs

pkgs.open5gs

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Ignored packages (1)

pkgs.open5gs-webui

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Package maintainers

@xddxdd Yuhui Xu <b980120@hotmail.com>
@Bot-wxt1221 Bot-wxt1221 <3264117476@qq.com>

Published

Permalink CVE-2026-10113

2.1 LOW

CVSS version (CVSS): 4.0
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Attack Requirement (AT): None (N)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Vulnerable System Impact Confidentiality (VC): None (N)
Vulnerable System Impact Integrity (VI): None (N)
Vulnerable System Impact Availability (VA): Low (L)
Subsequent System Impact Confidentiality (SC): None (N)
Subsequent System Impact Integrity (SI): None (N)
Subsequent System Impact Availability (SA): None (N)
Exploit Maturity (E): POC (P)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Attack Requirement (MAT): None (N)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Vulnerable System Impact Confidentiality (MVC): None (N)
Modified Vulnerable System Impact Integrity (MVI): None (N)
Modified Vulnerable System Impact Availability (MVA): Low (L)
Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
Modified Subsequent System Impact Integrity (MSI): Negligible (N)
Modified Subsequent System Impact Availability (MSA): Negligible (N)
Safety (S): Not Defined (X)
Automatable (AU): Not Defined (X)
Recovery (R): Not Defined (X)
Value Density (V): Not Defined (X)
Vulnerability Response Effort (RE): Not Defined (X)
Provider Urgency (U): Not Defined (X)
Confidentiality Req. (CR): Not Defined (X)
Integrity Req. (IR): Not Defined (X)
Availability Req. (AR): Not Defined (X)

updated 1 week, 6 days ago by @LeSuisse Activity log

Created suggestion 2 weeks ago
@LeSuisse ignored
3 references
1 week, 6 days ago
@LeSuisse ignored package open5gs-webui 1 week, 6 days ago
@LeSuisse accepted 1 week, 6 days ago
@LeSuisse published on GitHub 1 week, 6 days ago

Open5GS Shared NF-profile nnrf-handler.c denial of service

A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is an unknown functionality in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. The manipulation results in denial of service. It is possible to launch the attack remotely. The exploit has been made public and could be used. A patch should be applied to remediate this issue.

References

VDB-367291 | Open5GS Shared NF-profile nnrf-handler.c denial of service vdb-entry
https://github.com/open5gs/open5gs/issues/4467 issue-trackingexploit
https://github.com/open5gs/open5gs/pull/4527 issue-trackingpatch

Ignored references (3)

VDB-367291 | CTI Indicators (IOB, IOC, TTP, IOA) permissions-requiredsignature
Submit #818581 | Open5GS NRF/AMF/AUSF/BSF/NSSF/PCF/SMF/UDM/UDR v2.7.7 Denial of Service third-party-advisory
https://github.com/open5gs/open5gs/ product

Affected products

Open5GS

==2.7.1
==2.7.4
==2.7.7
==2.7.0
==2.7.3
==2.7.5
==2.7.6
==2.7.2

Matching in nixpkgs

pkgs.open5gs

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Ignored packages (1)

pkgs.open5gs-webui

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Package maintainers

@xddxdd Yuhui Xu <b980120@hotmail.com>
@Bot-wxt1221 Bot-wxt1221 <3264117476@qq.com>

Published

Permalink CVE-2026-10116

2.1 LOW

CVSS version (CVSS): 4.0
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Attack Requirement (AT): None (N)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Vulnerable System Impact Confidentiality (VC): None (N)
Vulnerable System Impact Integrity (VI): None (N)
Vulnerable System Impact Availability (VA): Low (L)
Subsequent System Impact Confidentiality (SC): None (N)
Subsequent System Impact Integrity (SI): None (N)
Subsequent System Impact Availability (SA): None (N)
Exploit Maturity (E): POC (P)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Attack Requirement (MAT): None (N)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Vulnerable System Impact Confidentiality (MVC): None (N)
Modified Vulnerable System Impact Integrity (MVI): None (N)
Modified Vulnerable System Impact Availability (MVA): Low (L)
Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
Modified Subsequent System Impact Integrity (MSI): Negligible (N)
Modified Subsequent System Impact Availability (MSA): Negligible (N)
Safety (S): Not Defined (X)
Automatable (AU): Not Defined (X)
Recovery (R): Not Defined (X)
Value Density (V): Not Defined (X)
Vulnerability Response Effort (RE): Not Defined (X)
Provider Urgency (U): Not Defined (X)
Confidentiality Req. (CR): Not Defined (X)
Integrity Req. (IR): Not Defined (X)
Availability Req. (AR): Not Defined (X)

updated 1 week, 6 days ago by @LeSuisse Activity log

Created suggestion 2 weeks ago
@LeSuisse ignored
3 references
1 week, 6 days ago
@LeSuisse ignored package open5gs-webui 1 week, 6 days ago
@LeSuisse accepted 1 week, 6 days ago
@LeSuisse published on GitHub 1 week, 6 days ago

Open5GS ue-authentications Endpoint ogs-timer.c ogs_sbi_xact_add denial of service

A security flaw has been discovered in Open5GS up to 2.7.7. This vulnerability affects the function ogs_sbi_xact_add in the library /lib/core/ogs-timer.c of the component ue-authentications Endpoint. Performing a manipulation results in denial of service. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. Applying a patch is the recommended action to fix this issue.

References

VDB-367294 | Open5GS ue-authentications Endpoint ogs-timer.c ogs_sbi_xact_add denial of service technical-descriptionvdb-entry
https://github.com/open5gs/open5gs/issues/4473 issue-trackingexploit
https://github.com/open5gs/open5gs/pull/4578 issue-trackingpatch

Ignored references (3)

VDB-367294 | CTI Indicators (IOB, IOC, TTP, IOA) permissions-requiredsignature
Submit #818585 | Open5GS AUSF v2.7.7 Denial of Service third-party-advisory
https://github.com/open5gs/open5gs/ product

Affected products

Open5GS

==2.7.1
==2.7.4
==2.7.7
==2.7.0
==2.7.3
==2.7.5
==2.7.6
==2.7.2

Matching in nixpkgs

pkgs.open5gs

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Ignored packages (1)

pkgs.open5gs-webui

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Package maintainers

@xddxdd Yuhui Xu <b980120@hotmail.com>
@Bot-wxt1221 Bot-wxt1221 <3264117476@qq.com>

Published

Permalink CVE-2026-10114

2.1 LOW

CVSS version (CVSS): 4.0
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Attack Requirement (AT): None (N)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Vulnerable System Impact Confidentiality (VC): None (N)
Vulnerable System Impact Integrity (VI): None (N)
Vulnerable System Impact Availability (VA): Low (L)
Subsequent System Impact Confidentiality (SC): None (N)
Subsequent System Impact Integrity (SI): None (N)
Subsequent System Impact Availability (SA): None (N)
Exploit Maturity (E): POC (P)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Attack Requirement (MAT): None (N)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Vulnerable System Impact Confidentiality (MVC): None (N)
Modified Vulnerable System Impact Integrity (MVI): None (N)
Modified Vulnerable System Impact Availability (MVA): Low (L)
Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
Modified Subsequent System Impact Integrity (MSI): Negligible (N)
Modified Subsequent System Impact Availability (MSA): Negligible (N)
Safety (S): Not Defined (X)
Automatable (AU): Not Defined (X)
Recovery (R): Not Defined (X)
Value Density (V): Not Defined (X)
Vulnerability Response Effort (RE): Not Defined (X)
Provider Urgency (U): Not Defined (X)
Confidentiality Req. (CR): Not Defined (X)
Integrity Req. (IR): Not Defined (X)
Availability Req. (AR): Not Defined (X)

updated 1 week, 6 days ago by @LeSuisse Activity log

Created suggestion 2 weeks ago
@LeSuisse ignored package open5gs-webui 1 week, 6 days ago
@LeSuisse ignored
3 references
1 week, 6 days ago
@LeSuisse accepted 1 week, 6 days ago
@LeSuisse published on GitHub 1 week, 6 days ago

Open5GS Shared NF-profile nnrf-handler.c handle_scp_info out-of-bounds write

A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function handle_scp_info in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. This manipulation causes out-of-bounds write. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. To fix this issue, it is recommended to deploy a patch.

References

VDB-367292 | Open5GS Shared NF-profile nnrf-handler.c handle_scp_info out-of-bounds write technical-descriptionvdb-entry
https://github.com/open5gs/open5gs/issues/4468 issue-trackingexploit

Ignored references (3)

VDB-367292 | CTI Indicators (IOB, IOC, IOA) permissions-requiredsignature
Submit #818582 | Open5GS AMF、AUSF、BSF、NSSF、PCF、SMF、UDM、UDR、SCP、SEPP、NRF v2.7.7 Denial of Service third-party-advisory
https://github.com/open5gs/open5gs/ product

Affected products

Open5GS

==2.7.1
==2.7.4
==2.7.7
==2.7.0
==2.7.3
==2.7.5
==2.7.6
==2.7.2

Matching in nixpkgs

pkgs.open5gs

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Ignored packages (1)

pkgs.open5gs-webui

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Package maintainers

@xddxdd Yuhui Xu <b980120@hotmail.com>
@Bot-wxt1221 Bot-wxt1221 <3264117476@qq.com>

Published

Permalink CVE-2026-8743

2.1 LOW

CVSS version (CVSS): 4.0
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Attack Requirement (AT): None (N)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Vulnerable System Impact Confidentiality (VC): Low (L)
Vulnerable System Impact Integrity (VI): Low (L)
Vulnerable System Impact Availability (VA): Low (L)
Subsequent System Impact Confidentiality (SC): None (N)
Subsequent System Impact Integrity (SI): None (N)
Subsequent System Impact Availability (SA): None (N)
Exploit Maturity (E): POC (P)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Attack Requirement (MAT): None (N)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Vulnerable System Impact Confidentiality (MVC): Low (L)
Modified Vulnerable System Impact Integrity (MVI): Low (L)
Modified Vulnerable System Impact Availability (MVA): Low (L)
Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
Modified Subsequent System Impact Integrity (MSI): Negligible (N)
Modified Subsequent System Impact Availability (MSA): Negligible (N)
Safety (S): Not Defined (X)
Automatable (AU): Not Defined (X)
Recovery (R): Not Defined (X)
Value Density (V): Not Defined (X)
Vulnerability Response Effort (RE): Not Defined (X)
Provider Urgency (U): Not Defined (X)
Confidentiality Req. (CR): Not Defined (X)
Integrity Req. (IR): Not Defined (X)
Availability Req. (AR): Not Defined (X)

updated 3 weeks, 6 days ago by @LeSuisse Activity log

Created suggestion 3 weeks, 6 days ago
@LeSuisse ignored
2 references
- https://github.com/open5gs/open5gs/
- https://github.com/open5gs/open5gs/comm…
3 weeks, 6 days ago
@LeSuisse ignored package open5gs-webui 3 weeks, 6 days ago
@LeSuisse ignored
2 references
- VDB-364330 | CTI Indicators (IOB, IOC, …
- Submit #814559 | Open5GS 2.7.6 Incorrec…
3 weeks, 6 days ago
@LeSuisse accepted 3 weeks, 6 days ago
@LeSuisse published on GitHub 3 weeks, 6 days ago

Open5GS AMF/MME context.c ran_ue_find_by_amf_ue_ngap_id improper authorization

A vulnerability was found in Open5GS up to 2.7.6. This impacts the function ran_ue_find_by_amf_ue_ngap_id of the file src/amf/context.c of the component AMF/MME. Performing a manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The patch is named 5746b8576cfceec18ed87eb7d8cf11b1fb4cd8b1. It is suggested to install a patch to address this issue.

References

VDB-364330 | Open5GS AMF/MME context.c ran_ue_find_by_amf_ue_ngap_id improper authorization technical-descriptionvdb-entry
https://github.com/open5gs/open5gs/issues/4498 issue-trackingexploit
https://github.com/open5gs/open5gs/pull/4553 issue-trackingpatch

Ignored references (4)

VDB-364330 | CTI Indicators (IOB, IOC, TTP, IOA) permissions-requiredsignature
Submit #814559 | Open5GS 2.7.6 Incorrect Authorization third-party-advisory
https://github.com/open5gs/open5gs/commit/5746b8576cfceec18ed87eb7d8cf11b1fb4cd… patch
https://github.com/open5gs/open5gs/ product

Affected products

Open5GS

==2.7.1
==2.7.4
==2.7.0
==2.7.3
==2.7.5
==2.7.6
==2.7.2

Matching in nixpkgs

pkgs.open5gs

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Ignored packages (1)

pkgs.open5gs-webui

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Package maintainers

@Bot-wxt1221 Bot-wxt1221 <3264117476@qq.com>
@xddxdd Yuhui Xu <b980120@hotmail.com>

Patch: https://github.com/open5gs/open5gs/commit/7d0405476dbf619a529379094c740f075aaabd3a

Published

Permalink CVE-2026-8745

2.1 LOW

CVSS version (CVSS): 4.0
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Attack Requirement (AT): None (N)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Vulnerable System Impact Confidentiality (VC): None (N)
Vulnerable System Impact Integrity (VI): None (N)
Vulnerable System Impact Availability (VA): Low (L)
Subsequent System Impact Confidentiality (SC): None (N)
Subsequent System Impact Integrity (SI): None (N)
Subsequent System Impact Availability (SA): None (N)
Exploit Maturity (E): POC (P)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Attack Requirement (MAT): None (N)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Vulnerable System Impact Confidentiality (MVC): None (N)
Modified Vulnerable System Impact Integrity (MVI): None (N)
Modified Vulnerable System Impact Availability (MVA): Low (L)
Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
Modified Subsequent System Impact Integrity (MSI): Negligible (N)
Modified Subsequent System Impact Availability (MSA): Negligible (N)
Safety (S): Not Defined (X)
Automatable (AU): Not Defined (X)
Recovery (R): Not Defined (X)
Value Density (V): Not Defined (X)
Vulnerability Response Effort (RE): Not Defined (X)
Provider Urgency (U): Not Defined (X)
Confidentiality Req. (CR): Not Defined (X)
Integrity Req. (IR): Not Defined (X)
Availability Req. (AR): Not Defined (X)

updated 3 weeks, 6 days ago by @LeSuisse Activity log

Created suggestion 3 weeks, 6 days ago
@LeSuisse ignored package open5gs-webui 3 weeks, 6 days ago
@LeSuisse ignored
3 references
3 weeks, 6 days ago
@LeSuisse accepted 3 weeks, 6 days ago
@LeSuisse published on GitHub 3 weeks, 6 days ago

Open5GS AUSF nausf-handler.c ogs_timer_add denial of service

A vulnerability was identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function ogs_timer_add in the library /src/ausf/nausf-handler.c of the component AUSF. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.

References

VDB-364332 | Open5GS AUSF nausf-handler.c ogs_timer_add denial of service technical-descriptionvdb-entry
https://github.com/open5gs/open5gs/issues/4472 issue-trackingexploit

Ignored references (3)

VDB-364332 | CTI Indicators (IOB, IOC, TTP, IOA) permissions-requiredsignature
Submit #817031 | Open5GS AUSF v2.7.7 Denial of Service third-party-advisory
https://github.com/open5gs/open5gs/ product

Affected products

Open5GS

==2.7.1
==2.7.4
==2.7.7
==2.7.0
==2.7.3
==2.7.5
==2.7.6
==2.7.2

Matching in nixpkgs

pkgs.open5gs

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Ignored packages (1)

pkgs.open5gs-webui

4G/5G core network components

nixos-unstable 2.7.7
- nixpkgs-unstable 2.7.7
- nixos-unstable-small 2.7.7

Package maintainers

@Bot-wxt1221 Bot-wxt1221 <3264117476@qq.com>
@xddxdd Yuhui Xu <b980120@hotmail.com>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.open5gs

pkgs.open5gs-webui

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.open5gs

pkgs.open5gs-webui

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.open5gs

pkgs.open5gs-webui

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.open5gs

pkgs.open5gs-webui

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.open5gs

pkgs.open5gs-webui

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.open5gs

pkgs.open5gs-webui

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.open5gs

pkgs.open5gs-webui

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.open5gs

pkgs.open5gs-webui

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.open5gs

pkgs.open5gs-webui

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.open5gs

pkgs.open5gs-webui

Package maintainers