CVE-2026-8746

🔶 medium

Summary

A security flaw has been discovered in Open5GS up to 2.7.7. Affected by this issue is the function discover_handler in the library /lib/sbi/nghttp2-server.c of the component NRF. The manipulation results in use after free. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

CVSS Score

4.3

Medium

EPSS Score

0.1

Exploit Probability

Published Date

2026-05-17

First Seen: 2026-05-18

📊 Relative Risk Intelligence

This CVE is Lower Risk - more severe than 5.4% of all 326,604 vulnerabilities in our database.

#308,897

Below average severity

Severity Percentile

🎯 CISA SSVC Assessment Updated: May 18, 2026

🔍 Exploitation Status

Poc

Proof-of-concept available

⚙️ Automatable

Requires human interaction

💥 Technical Impact

Partial

Limited system impact

🏆 Discovered By

ZiyuLin (VulDB User) (reporter) VulDB CNA Team (coordinator)

SSVC data provided by CISA

Last Modified 2026-05-18

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CVSS Vector 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE IDs (Weakness Types)

CWE-119 CWE-416

📦 Affected Products 1

Vendor	Product	Status	Affected Versions
open5gs	open5gs	Affected	< 2.7.7

🔗 References 5

https://github.com/open5gs/open5gs/

Product

https://github.com/open5gs/open5gs/issues/4476

Exploit Issue Tracking

https://vuldb.com/submit/817032

Third Party Advisory VDB Entry

https://vuldb.com/vuln/364333

Third Party Advisory VDB Entry

https://vuldb.com/vuln/364333/cti

Permissions Required VDB Entry

🔗 Related CVEs 6

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2026-8728	🔶 medium	4.3	0.1	A security vulnerability has been detected in Open5GS up to 2.7.7. The impacted element is the function ogs_sbi_discover...	2026-05-17
CVE-2026-8729	🔶 medium	4.3	0.1	A vulnerability was detected in Open5GS up to 2.7.7. This affects an unknown function in the library /lib/sbi/message.c ...	2026-05-17
CVE-2026-8730	🔶 medium	4.3	0.1	A flaw has been found in Open5GS up to 2.7.6. This impacts the function ogs_sbi_nf_instance_set_id in the library /lib/s...	2026-05-17
CVE-2026-8731	🔶 medium	4.3	0.1	A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function ogs_sbi_client_add in the library /lib/s...	2026-05-17
CVE-2026-8743	🔶 medium	6.3	0.0	A vulnerability was found in Open5GS up to 2.7.6. This impacts the function ran_ue_find_by_amf_ue_ngap_id of the file sr...	2026-05-17
CVE-2026-8744	🔶 medium	4.3	0.1	A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function ogs_sbi_subscription_data_add/ogs_sbi_nf...	2026-05-17

These CVEs affect the same products