A vulnerability was determined in Open5GS up to 2.7.6. The affected element is the function smfgxccacb/smfgyccacb/smfs6baaacb/smfs6bstacb of the component CCA Handler. This manipulation causes denial of service. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.7.7 is sufficient to fix this issue. Patch name: 80eb484a6ab32968e755e628b70d1a9c64f012ec. Upgrading the affected component is recommended.
{
"cwe_ids": [
"CWE-404"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/4xxx/CVE-2026-4240.json",
"cna_assigner": "VulDB",
"unresolved_ranges": [
{
"extracted_events": [
{
"introduced": "2.7.3"
},
{
"last_affected": "2.7.3"
},
{
"introduced": "2.7.4"
},
{
"last_affected": "2.7.4"
}
],
"source": "AFFECTED_FIELD"
}
]
}{
"cpe": "cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "2.7.7"
}
],
"source": [
"CPE_RANGE",
"REFERENCES"
]
}[
{
"source": "https://github.com/open5gs/open5gs/commit/80eb484a6ab32968e755e628b70d1a9c64f012ec",
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"line_hashes": [
"286832280686897877386663269906374356152",
"237047032260203517884579827715635620405",
"116524115645494846346800667577386580350",
"291154197191466349190884344106472321044",
"53099392610014375379891174915329441325"
],
"threshold": 0.9
},
"deprecated": false,
"id": "CVE-2026-4240-097f0c1e",
"target": {
"file": "src/smf/gy-path.c"
}
},
{
"source": "https://github.com/open5gs/open5gs/commit/80eb484a6ab32968e755e628b70d1a9c64f012ec",
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"function_hash": "130296096657943261152918749756700875650",
"length": 4319.0
},
"deprecated": false,
"id": "CVE-2026-4240-2f75c394",
"target": {
"function": "smf_s6b_sta_cb",
"file": "src/smf/s6b-path.c"
}
},
{
"source": "https://github.com/open5gs/open5gs/commit/80eb484a6ab32968e755e628b70d1a9c64f012ec",
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"function_hash": "92942622530081123800530463779408980798",
"length": 4316.0
},
"deprecated": false,
"id": "CVE-2026-4240-868baa39",
"target": {
"function": "smf_s6b_aaa_cb",
"file": "src/smf/s6b-path.c"
}
},
{
"source": "https://github.com/open5gs/open5gs/commit/80eb484a6ab32968e755e628b70d1a9c64f012ec",
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"function_hash": "48066293071339186820413693103493647171",
"length": 8508.0
},
"deprecated": false,
"id": "CVE-2026-4240-9e3e4749",
"target": {
"function": "smf_gy_cca_cb",
"file": "src/smf/gy-path.c"
}
},
{
"source": "https://github.com/open5gs/open5gs/commit/80eb484a6ab32968e755e628b70d1a9c64f012ec",
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"line_hashes": [
"173173611972938205206480386988927771189",
"237047032260203517884579827715635620405",
"261541326721294318550410748630230460168",
"83047868071616557476164884720546196498",
"67408004420327051982254656160822854663",
"237047032260203517884579827715635620405",
"261541326721294318550410748630230460168",
"83047868071616557476164884720546196498",
"67408004420327051982254656160822854663"
],
"threshold": 0.9
},
"deprecated": false,
"id": "CVE-2026-4240-b7b2fbba",
"target": {
"file": "src/smf/s6b-path.c"
}
},
{
"source": "https://github.com/open5gs/open5gs/commit/80eb484a6ab32968e755e628b70d1a9c64f012ec",
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"function_hash": "110292961675724856263265827935457661500",
"length": 10609.0
},
"deprecated": false,
"id": "CVE-2026-4240-c19707cc",
"target": {
"function": "smf_gx_cca_cb",
"file": "src/smf/gx-path.c"
}
},
{
"source": "https://github.com/open5gs/open5gs/commit/80eb484a6ab32968e755e628b70d1a9c64f012ec",
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"line_hashes": [
"312222335752906932391640947031498928207",
"237047032260203517884579827715635620405",
"261541326721294318550410748630230460168",
"197094743083022473270121504420999007094",
"260351164589364287184851166644780048951"
],
"threshold": 0.9
},
"deprecated": false,
"id": "CVE-2026-4240-d237e515",
"target": {
"file": "src/smf/gx-path.c"
}
}
]
"2026-07-15T17:43:40Z"
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-4240.json"