CVE-2026-10565

LOW SEVERITY

CVSS Score & Metrics

Base Score

3.1 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L                                    

Vulnerability Description

A security flaw has been discovered in Open5GS up to 2.7.6. The impacted element is the function gmm_state_security_mode of the file src/amf/gmm-sm.c of the component NGAP Handover. Performing a manipulation results in race condition. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is regarded as difficult. The exploit has been released to the public and may be used for attacks. The pull request to fix this issue awaits acceptance.

Vulnerability Details

Published Date

June 02, 2026

Last Modified

June 02, 2026

CWE ID

CWE-362

Source

NVD

Product

Open5GS

External References

https://github.com/open5gs/open5gs/
https://github.com/open5gs/open5gs/issues/4497
https://github.com/open5gs/open5gs/pull/4501
https://github.com/user-attachments/files/27111025/N2-SMC-Concurrent.zip
https://vuldb.com/cve/CVE-2026-10565
https://vuldb.com/submit/818938
https://vuldb.com/vuln/367672
https://vuldb.com/vuln/367672/cti

CVE-2026-10565

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment