CVE-2026-4988

Source
https://cve.org/CVERecord?id=CVE-2026-4988
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-4988.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-4988
Published
2026-03-27T21:27:16.379Z
Modified
2026-07-15T01:48:56.259002111Z
Severity
  • 2.9 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P CVSS Calculator
Summary
Open5GS CCA Message smf_s6b denial of service
Details

A security flaw has been discovered in Open5GS 2.7.6. This issue affects the function smfgxccacb/smfgyccacb/smf_s6b of the component CCA Message Handler. The manipulation results in denial of service. The attack may be launched remotely. Attacks of this nature are highly complex. The exploitability is assessed as difficult. The exploit has been released to the public and may be used for attacks.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/4xxx/CVE-2026-4988.json",
    "cwe_ids": [
        "CWE-404"
    ],
    "cna_assigner": "VulDB"
}
References

Affected packages

Git / github.com/open5gs/open5gs

Affected ranges

Type
GIT
Repo
https://github.com/open5gs/open5gs
Events
Database specific
{
    "cpe": "cpe:2.3:a:open5gs:open5gs:2.7.6:*:*:*:*:*:*:*",
    "source": [
        "AFFECTED_FIELD",
        "CPE_STRING"
    ],
    "extracted_events": [
        {
            "introduced": "2.7.6"
        },
        {
            "last_affected": "2.7.6"
        }
    ]
}

Affected versions

2.*
2.7.6
v2.*
v2.7.6

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-4988.json"