CVE-2026-7708

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

4.3 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L                                    

Vulnerability Description

A vulnerability was determined in Open5GS up to 2.7.7. The affected element is the function ogs_dbi_subscription_data in the library /lib/dbi/subscription.c of the component UDR. This manipulation of the argument supi_id causes denial of service. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.

Vulnerability Details

Published Date

May 03, 2026

Last Modified

May 05, 2026

CWE ID

CWE-404

Source

NVD

External References

https://github.com/open5gs/open5gs/
https://github.com/open5gs/open5gs/issues/4412
https://vuldb.com/submit/805701
https://vuldb.com/vuln/360884
https://vuldb.com/vuln/360884/cti

CVE-2026-7708

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment