CVE-2026-2524
- Source
- https://cve.org/CVERecord?id=CVE-2026-2524
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-2524.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2026-2524
- Published
- 2026-02-16T01:15:54Z
- Modified
- 2026-02-20T02:40:46.692427Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A flaw has been found in Open5GS 2.7.6. The impacted element is the function mmes11handlecreatesession_response of the component MME. This manipulation causes denial of service. The attack can be initiated remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
- References
-
- https://github.com/open5gs/open5gs/
- https://github.com/open5gs/open5gs/issues/4284
- https://github.com/open5gs/open5gs/issues/4284#issue-3808462406
- https://vuldb.com/?ctiid.346112
- https://vuldb.com/?id.346112
- https://vuldb.com/?submit.738369
- https://github.com/open5gs/open5gs/issues/4284
- https://github.com/open5gs/open5gs/issues/4284#issue-3808462406
- https://vuldb.com/?ctiid.346112
- https://github.com/open5gs/open5gs/issues/4284
- https://github.com/open5gs/open5gs/issues/4284#issue-3808462406
Affected packages
Git / github.com/open5gs/open5gs
Affected ranges
- Type
- GIT
- Repo
- https://github.com/open5gs/open5gs
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
v0.*
v0.1.0
v0.1.1
v0.2.0
v0.3.0
v0.3.1
v0.3.10
v0.3.11
v0.3.2
v0.3.3
v0.3.4
v0.3.5
v0.3.6
v0.3.7
v0.3.8
v0.3.9
v0.4.0
v0.4.1
v0.4.2
v0.4.3
v0.4.4
v0.5.0
v0.5.1
v0.5.2
v1.*
v1.0.0
v1.1.0
v1.2.0
v1.2.1
v1.2.2
v1.2.3
v1.2.4
v1.3.0
v2.*
v2.0.0
v2.0.18
v2.0.22
v2.1.0
v2.1.1
v2.1.3
v2.1.4
v2.1.5
v2.1.7
v2.2.0
v2.2.1
v2.2.6
v2.2.7
v2.2.8
v2.2.9
v2.3.0
v2.3.1
v2.3.2
v2.3.6
v2.4.0
v2.4.1
v2.4.3
v2.4.4
v2.4.5
v2.4.7
v2.4.8
v2.4.9
v2.6.1
v2.6.2
v2.6.3
v2.6.4
v2.6.6
v2.7.0
v2.7.1
v2.7.2
v2.7.5
v2.7.6