Denial of Service Vulnerability in Open5GS by Open5GS Project
CVE-2026-7601

5.3MEDIUM

Key Information:

Vendor

Open5GS Project

Status
Open5gs
Vendor
CVE Published:
2 May 2026

What is CVE-2026-7601?

A vulnerability exists within Open5GS up to version 2.7.6 specifically in the AMF component's gmm-handler.c file. This issue arises from improper handling of the reg_type argument, allowing a remote attacker to induce a denial of service condition. To protect your systems, it is critical to upgrade to version 2.7.7, where this vulnerability has been addressed. The patch identifier for this update is ebc66942b6f8f1fab2d640e71cf4e9f1a423b426.

Affected Version(s)

Open5GS 2.7.0

Open5GS 2.7.1

Open5GS 2.7.2

References

https://vuldb.com/vuln/360558
vdb-entrytechnical-description
https://vuldb.com/vuln/360558/cti
signaturepermissions-required
https://vuldb.com/submit/805675
third-party-advisory

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

jungnickel (VulDB User)
.