CVE-2026-8252

MEDIUM NVD

CVSS Score 4.3

Severity MEDIUM

Published May 11, 2026

Vendor unknown

Description

A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function smf_nsmf_handle_create_data_in_hsmf of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.

References

https://github.com/open5gs/open5gs/
https://github.com/open5gs/open5gs/issues/4446
https://vuldb.com/submit/808482
https://vuldb.com/vuln/362549
https://vuldb.com/vuln/362549/cti