CVE-2026-8223

MEDIUM

A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcf_sess_sbi_discover_and_send of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.

CVSS v3.1 Score

5.3
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector
NETWORK
Complexity
LOW
Privileges
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
LOW
Published: 5/10/2026Modified: 5/13/2026

Related Intelligence (1)

HIGHVulnerability

NVD HIGH: CVE-2026-8223 — A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability...

A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcf_sess_sbi_discover_and_send of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has

CVE-2026-8223
NIST NVD

References (6)

https://github.com/open5gs/open5gs/Producthttps://github.com/open5gs/open5gs/issues/4438ExploitIssue Trackinghttps://vuldb.com/submit/808442Third Party AdvisoryVDB Entryhttps://vuldb.com/vuln/362440Third Party AdvisoryVDB Entryhttps://vuldb.com/vuln/362440/ctiPermissions RequiredVDB Entryhttps://vuldb.com/submit/808442Third Party AdvisoryVDB Entry