Heap Out-of-Bounds Read Vulnerability in Open5GS by Open5GS
CVE-2026-15720

8.6HIGH

Key Information:

Vendor

Open5gs

Status
Vendor
CVE Published:
14 July 2026

What is CVE-2026-15720?

In Open5GS up to version 2.7.7, there exists a vulnerability related to a heap out-of-bounds read within the AMF NAS 5GS mobile identity handler. This flaw has the potential to compromise service availability, leading to a denial of service that may affect subscribers. Organizations using affected versions should take immediate action to mitigate risks related to this vulnerability as part of their security protocols.

Affected Version(s)

open5gs 0 <= 2.7.7

References

CVSS V3.1

Score:
8.6
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.